Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-3111 (GCVE-0-2022-3111)
Vulnerability from cvelistv5 – Published: 2022-12-14 00:00 – Updated: 2025-04-22 14:11
VLAI?
EPSS
Summary
An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger().
Severity ?
5.5 (Medium)
CWE
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:00:10.244Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2\u0026id=6dee930f6f6776d1e5a7edf542c6863b47d9f078"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153059"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-3111",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-22T14:11:35.727265Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-22T14:11:40.074Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Kernel",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Linux 5.16-rc6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger()."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-14T00:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2\u0026id=6dee930f6f6776d1e5a7edf542c6863b47d9f078"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153059"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2022-3111",
"datePublished": "2022-12-14T00:00:00.000Z",
"dateReserved": "2022-09-02T00:00:00.000Z",
"dateUpdated": "2025-04-22T14:11:40.074Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2022-3111",
"date": "2026-05-21",
"epss": "0.00022",
"percentile": "0.06267"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"5.16.0\", \"matchCriteriaId\": \"02711EF3-4708-401A-A551-BF2666F9CB9A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:5.16.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D91531A-B5F0-42DC-BF86-12BDB991AAD9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:5.16.0:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"7FEA1289-2893-487A-B46C-75AA73FB409A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:5.16.0:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"366AF5E2-1187-4871-95D7-17FB5AC61153\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:5.16.0:rc3:*:*:*:*:*:*\", \"matchCriteriaId\": \"EDAA6EAB-A0D8-4522-93CD-E939BE5AC78B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:5.16.0:rc4:*:*:*:*:*:*\", \"matchCriteriaId\": \"420512FD-751B-491E-9F9E-79F6733A876D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:5.16.0:rc5:*:*:*:*:*:*\", \"matchCriteriaId\": \"21E83CF6-6096-4011-9C22-67225992771A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:5.16.0:rc6:*:*:*:*:*:*\", \"matchCriteriaId\": \"C109325B-0F6B-405E-8490-0A55A2294D79\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger().\"}, {\"lang\": \"es\", \"value\": \"Se descubri\\u00f3 un problema en el kernel de Linux hasta 5.16-rc6. free_charger_irq() en drivers/power/supply/wm8350_power.c carece de WM8350_IRQ_CHG_FAST_RDY, que est\\u00e1 registrado en wm8350_init_charger().\"}]",
"id": "CVE-2022-3111",
"lastModified": "2024-11-21T07:18:50.950",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}]}",
"published": "2022-12-14T21:15:12.407",
"references": "[{\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2153059\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2\u0026id=6dee930f6f6776d1e5a7edf542c6863b47d9f078\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2153059\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2\u0026id=6dee930f6f6776d1e5a7edf542c6863b47d9f078\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"secalert@redhat.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-476\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2022-3111\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2022-12-14T21:15:12.407\",\"lastModified\":\"2025-04-22T14:15:19.850\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger().\"},{\"lang\":\"es\",\"value\":\"Se descubri\u00f3 un problema en el kernel de Linux hasta 5.16-rc6. free_charger_irq() en drivers/power/supply/wm8350_power.c carece de WM8350_IRQ_CHG_FAST_RDY, que est\u00e1 registrado en wm8350_init_charger().\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.16.0\",\"matchCriteriaId\":\"02711EF3-4708-401A-A551-BF2666F9CB9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.16.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D91531A-B5F0-42DC-BF86-12BDB991AAD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.16.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FEA1289-2893-487A-B46C-75AA73FB409A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.16.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"366AF5E2-1187-4871-95D7-17FB5AC61153\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.16.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"EDAA6EAB-A0D8-4522-93CD-E939BE5AC78B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.16.0:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"420512FD-751B-491E-9F9E-79F6733A876D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.16.0:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"21E83CF6-6096-4011-9C22-67225992771A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.16.0:rc6:*:*:*:*:*:*\",\"matchCriteriaId\":\"C109325B-0F6B-405E-8490-0A55A2294D79\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2153059\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2\u0026id=6dee930f6f6776d1e5a7edf542c6863b47d9f078\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2153059\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2\u0026id=6dee930f6f6776d1e5a7edf542c6863b47d9f078\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2\u0026id=6dee930f6f6776d1e5a7edf542c6863b47d9f078\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2153059\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T01:00:10.244Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-3111\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-22T14:11:35.727265Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-476\", \"description\": \"CWE-476 NULL Pointer Dereference\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-22T14:11:31.756Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"Kernel\", \"versions\": [{\"status\": \"affected\", \"version\": \"Linux 5.16-rc6\"}]}], \"references\": [{\"url\": \"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2\u0026id=6dee930f6f6776d1e5a7edf542c6863b47d9f078\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2153059\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger().\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-476\", \"description\": \"CWE-476\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2022-12-14T00:00:00.000Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2022-3111\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-22T14:11:40.074Z\", \"dateReserved\": \"2022-09-02T00:00:00.000Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2022-12-14T00:00:00.000Z\", \"assignerShortName\": \"redhat\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
CERTFR-2023-AVI-0066
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans le noyau Linux de SUSE. Elles permettent à un attaquant de provoquer un déni de service, une atteinte à la confidentialité des données, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | openSUSE Leap | openSUSE Leap 15.4 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.3 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 12-SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 15-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Software Development Kit 12-SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Public Cloud 15-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Development Tools 15-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 15-SP4 | ||
| SUSE | N/A | SUSE Enterprise Storage 7.1 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Realtime 15-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 15-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Legacy Software 15-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Realtime 15-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Realtime Extension 15-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Basesystem 15-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 12-SP5 | ||
| SUSE | openSUSE Leap | openSUSE Leap Micro 5.3 | ||
| SUSE | openSUSE Leap | openSUSE Leap Micro 5.2 | ||
| SUSE | SUSE Linux Enterprise Desktop | SUSE Linux Enterprise Desktop 12-SP5 | ||
| SUSE | SUSE Linux Enterprise Desktop | SUSE Linux Enterprise Desktop 15-SP4 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP4 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP3 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 12-SP5 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP5 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.1 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.2 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.3 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15-SP4 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time Extension 12-SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 12-SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP3-LTSS | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.2 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.2 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.3 | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.3 | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.2 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.3",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 12-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Software Development Kit 12-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Public Cloud 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Development Tools 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Enterprise Storage 7.1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Realtime 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Legacy Software 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Realtime 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Realtime Extension 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Basesystem 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 12-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap Micro 5.3",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap Micro 5.2",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Desktop 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Desktop",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Desktop 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Desktop",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP3",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 12-SP5",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time Extension 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.2",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.2",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.3",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.3",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.2",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-47520",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47520"
},
{
"name": "CVE-2023-23454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23454"
},
{
"name": "CVE-2022-47929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47929"
},
{
"name": "CVE-2022-4379",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4379"
},
{
"name": "CVE-2022-42329",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42329"
},
{
"name": "CVE-2023-23455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23455"
},
{
"name": "CVE-2023-0266",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0266"
},
{
"name": "CVE-2022-3643",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3643"
},
{
"name": "CVE-2022-3435",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3435"
},
{
"name": "CVE-2022-4662",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4662"
},
{
"name": "CVE-2022-3114",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3114"
},
{
"name": "CVE-2022-3564",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3564"
},
{
"name": "CVE-2022-3344",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3344"
},
{
"name": "CVE-2022-3112",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3112"
},
{
"name": "CVE-2022-3106",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3106"
},
{
"name": "CVE-2022-3107",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3107"
},
{
"name": "CVE-2019-19083",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19083"
},
{
"name": "CVE-2022-3111",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3111"
},
{
"name": "CVE-2022-42328",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42328"
},
{
"name": "CVE-2022-3115",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3115"
},
{
"name": "CVE-2022-3108",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3108"
},
{
"name": "CVE-2022-3113",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3113"
},
{
"name": "CVE-2022-3104",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3104"
},
{
"name": "CVE-2022-3105",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3105"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE du 25 janvier 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230145-1/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE du 26 janvier 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230149-1/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE du 26 janvier 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230147-1/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE du 26 janvier 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230148-1/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE du 26 janvier 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230146-1/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE du 26 janvier 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230152-1/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE du 25 janvier 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230134-1/"
}
],
"reference": "CERTFR-2023-AVI-0066",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-01-27T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux de SUSE\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer un d\u00e9ni de service, une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es, un contournement de la politique de\ns\u00e9curit\u00e9 et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:0148-1 du 26 janvier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:0145-1 du 25 janvier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:0146-1 du 26 janvier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:0149-1 du 26 janvier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:0147-1 du 26 janvier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:0152-1 du 26 janvier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:0134-1 du 25 janvier 2023",
"url": null
}
]
}
CERTFR-2023-AVI-0315
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un contournement de la politique de sécurité, une atteinte à l'intégrité des données, une atteinte à la confidentialité des données, une élévation de privilèges et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 16.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 22.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-28328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28328"
},
{
"name": "CVE-2023-0461",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0461"
},
{
"name": "CVE-2022-1195",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1195"
},
{
"name": "CVE-2023-23454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23454"
},
{
"name": "CVE-2022-2380",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2380"
},
{
"name": "CVE-2022-47929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47929"
},
{
"name": "CVE-2022-3628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3628"
},
{
"name": "CVE-2022-42329",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42329"
},
{
"name": "CVE-2021-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4203"
},
{
"name": "CVE-2023-23455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23455"
},
{
"name": "CVE-2023-26606",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26606"
},
{
"name": "CVE-2022-20132",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20132"
},
{
"name": "CVE-2022-29900",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29900"
},
{
"name": "CVE-2022-29901",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29901"
},
{
"name": "CVE-2023-0266",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0266"
},
{
"name": "CVE-2022-42895",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42895"
},
{
"name": "CVE-2022-43750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43750"
},
{
"name": "CVE-2022-4662",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4662"
},
{
"name": "CVE-2020-36516",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36516"
},
{
"name": "CVE-2022-3903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3903"
},
{
"name": "CVE-2023-1074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1074"
},
{
"name": "CVE-2022-36280",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36280"
},
{
"name": "CVE-2022-41218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41218"
},
{
"name": "CVE-2022-1016",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1016"
},
{
"name": "CVE-2022-4382",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4382"
},
{
"name": "CVE-2022-1975",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1975"
},
{
"name": "CVE-2022-39842",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39842"
},
{
"name": "CVE-2022-2196",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2196"
},
{
"name": "CVE-2022-20572",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20572"
},
{
"name": "CVE-2022-41849",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41849"
},
{
"name": "CVE-2022-0487",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0487"
},
{
"name": "CVE-2021-28711",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28711"
},
{
"name": "CVE-2022-1462",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1462"
},
{
"name": "CVE-2021-28713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28713"
},
{
"name": "CVE-2023-0210",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0210"
},
{
"name": "CVE-2021-3772",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3772"
},
{
"name": "CVE-2022-2663",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2663"
},
{
"name": "CVE-2021-3659",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3659"
},
{
"name": "CVE-2023-26607",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26607"
},
{
"name": "CVE-2022-3649",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3649"
},
{
"name": "CVE-2021-3428",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3428"
},
{
"name": "CVE-2022-3545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3545"
},
{
"name": "CVE-2022-0494",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0494"
},
{
"name": "CVE-2021-28712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28712"
},
{
"name": "CVE-2023-23559",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23559"
},
{
"name": "CVE-2022-39188",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39188"
},
{
"name": "CVE-2022-3111",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3111"
},
{
"name": "CVE-2022-41850",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41850"
},
{
"name": "CVE-2022-3646",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3646"
},
{
"name": "CVE-2022-42328",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42328"
},
{
"name": "CVE-2021-26401",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26401"
},
{
"name": "CVE-2021-45868",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45868"
},
{
"name": "CVE-2023-26545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26545"
},
{
"name": "CVE-2021-3669",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3669"
},
{
"name": "CVE-2022-3640",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3640"
},
{
"name": "CVE-2023-1095",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1095"
},
{
"name": "CVE-2023-1118",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1118"
},
{
"name": "CVE-2022-26373",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26373"
},
{
"name": "CVE-2023-0394",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0394"
},
{
"name": "CVE-2022-2318",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2318"
},
{
"name": "CVE-2022-3303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3303"
},
{
"name": "CVE-2022-3424",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3424"
},
{
"name": "CVE-2022-36879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36879"
},
{
"name": "CVE-2022-2991",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2991"
},
{
"name": "CVE-2022-48424",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48424"
},
{
"name": "CVE-2021-3732",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3732"
},
{
"name": "CVE-2022-48423",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48423"
},
{
"name": "CVE-2023-0045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0045"
},
{
"name": "CVE-2022-1205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1205"
},
{
"name": "CVE-2022-20369",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20369"
},
{
"name": "CVE-2021-4149",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4149"
},
{
"name": "CVE-2022-0617",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0617"
},
{
"name": "CVE-2022-3061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3061"
},
{
"name": "CVE-2022-3521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3521"
},
{
"name": "CVE-2022-2503",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2503"
},
{
"name": "CVE-2022-1974",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1974"
},
{
"name": "CVE-2022-1516",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1516"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0315",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-04-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux d\u0027Ubuntu\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un\ncontournement de la politique de s\u00e9curit\u00e9, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9\ndes donn\u00e9es, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une\n\u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6009-1 du 11 avril 2023",
"url": "https://ubuntu.com/security/notices/USN-6009-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6004-1 du 11 avril 2023",
"url": "https://ubuntu.com/security/notices/USN-6004-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6014-1 du 12 avril 2023",
"url": "https://ubuntu.com/security/notices/USN-6014-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6013-1 du 12 avril 2023",
"url": "https://ubuntu.com/security/notices/USN-6013-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6007-1 du 11 avril 2023",
"url": "https://ubuntu.com/security/notices/USN-6007-1"
}
]
}
CERTFR-2023-AVI-0066
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans le noyau Linux de SUSE. Elles permettent à un attaquant de provoquer un déni de service, une atteinte à la confidentialité des données, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | openSUSE Leap | openSUSE Leap 15.4 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.3 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 12-SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 15-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Software Development Kit 12-SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Public Cloud 15-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Development Tools 15-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 15-SP4 | ||
| SUSE | N/A | SUSE Enterprise Storage 7.1 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Realtime 15-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 15-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Legacy Software 15-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Realtime 15-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Realtime Extension 15-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Basesystem 15-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 12-SP5 | ||
| SUSE | openSUSE Leap | openSUSE Leap Micro 5.3 | ||
| SUSE | openSUSE Leap | openSUSE Leap Micro 5.2 | ||
| SUSE | SUSE Linux Enterprise Desktop | SUSE Linux Enterprise Desktop 12-SP5 | ||
| SUSE | SUSE Linux Enterprise Desktop | SUSE Linux Enterprise Desktop 15-SP4 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP4 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP3 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 12-SP5 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP5 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.1 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.2 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.3 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15-SP4 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time Extension 12-SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 12-SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP3-LTSS | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.2 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.2 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.3 | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.3 | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.2 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.3",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 12-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Software Development Kit 12-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Public Cloud 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Development Tools 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Enterprise Storage 7.1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Realtime 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Legacy Software 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Realtime 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Realtime Extension 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Basesystem 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 12-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap Micro 5.3",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap Micro 5.2",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Desktop 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Desktop",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Desktop 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Desktop",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP3",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 12-SP5",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time Extension 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.2",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.2",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.3",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.3",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.2",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-47520",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47520"
},
{
"name": "CVE-2023-23454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23454"
},
{
"name": "CVE-2022-47929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47929"
},
{
"name": "CVE-2022-4379",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4379"
},
{
"name": "CVE-2022-42329",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42329"
},
{
"name": "CVE-2023-23455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23455"
},
{
"name": "CVE-2023-0266",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0266"
},
{
"name": "CVE-2022-3643",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3643"
},
{
"name": "CVE-2022-3435",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3435"
},
{
"name": "CVE-2022-4662",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4662"
},
{
"name": "CVE-2022-3114",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3114"
},
{
"name": "CVE-2022-3564",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3564"
},
{
"name": "CVE-2022-3344",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3344"
},
{
"name": "CVE-2022-3112",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3112"
},
{
"name": "CVE-2022-3106",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3106"
},
{
"name": "CVE-2022-3107",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3107"
},
{
"name": "CVE-2019-19083",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19083"
},
{
"name": "CVE-2022-3111",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3111"
},
{
"name": "CVE-2022-42328",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42328"
},
{
"name": "CVE-2022-3115",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3115"
},
{
"name": "CVE-2022-3108",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3108"
},
{
"name": "CVE-2022-3113",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3113"
},
{
"name": "CVE-2022-3104",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3104"
},
{
"name": "CVE-2022-3105",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3105"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE du 25 janvier 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230145-1/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE du 26 janvier 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230149-1/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE du 26 janvier 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230147-1/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE du 26 janvier 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230148-1/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE du 26 janvier 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230146-1/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE du 26 janvier 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230152-1/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE du 25 janvier 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230134-1/"
}
],
"reference": "CERTFR-2023-AVI-0066",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-01-27T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux de SUSE\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer un d\u00e9ni de service, une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es, un contournement de la politique de\ns\u00e9curit\u00e9 et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:0148-1 du 26 janvier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:0145-1 du 25 janvier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:0146-1 du 26 janvier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:0149-1 du 26 janvier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:0147-1 du 26 janvier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:0152-1 du 26 janvier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:0134-1 du 25 janvier 2023",
"url": null
}
]
}
CERTFR-2023-AVI-0315
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un contournement de la politique de sécurité, une atteinte à l'intégrité des données, une atteinte à la confidentialité des données, une élévation de privilèges et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 16.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 22.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-28328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28328"
},
{
"name": "CVE-2023-0461",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0461"
},
{
"name": "CVE-2022-1195",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1195"
},
{
"name": "CVE-2023-23454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23454"
},
{
"name": "CVE-2022-2380",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2380"
},
{
"name": "CVE-2022-47929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47929"
},
{
"name": "CVE-2022-3628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3628"
},
{
"name": "CVE-2022-42329",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42329"
},
{
"name": "CVE-2021-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4203"
},
{
"name": "CVE-2023-23455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23455"
},
{
"name": "CVE-2023-26606",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26606"
},
{
"name": "CVE-2022-20132",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20132"
},
{
"name": "CVE-2022-29900",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29900"
},
{
"name": "CVE-2022-29901",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29901"
},
{
"name": "CVE-2023-0266",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0266"
},
{
"name": "CVE-2022-42895",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42895"
},
{
"name": "CVE-2022-43750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43750"
},
{
"name": "CVE-2022-4662",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4662"
},
{
"name": "CVE-2020-36516",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36516"
},
{
"name": "CVE-2022-3903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3903"
},
{
"name": "CVE-2023-1074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1074"
},
{
"name": "CVE-2022-36280",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36280"
},
{
"name": "CVE-2022-41218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41218"
},
{
"name": "CVE-2022-1016",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1016"
},
{
"name": "CVE-2022-4382",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4382"
},
{
"name": "CVE-2022-1975",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1975"
},
{
"name": "CVE-2022-39842",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39842"
},
{
"name": "CVE-2022-2196",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2196"
},
{
"name": "CVE-2022-20572",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20572"
},
{
"name": "CVE-2022-41849",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41849"
},
{
"name": "CVE-2022-0487",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0487"
},
{
"name": "CVE-2021-28711",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28711"
},
{
"name": "CVE-2022-1462",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1462"
},
{
"name": "CVE-2021-28713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28713"
},
{
"name": "CVE-2023-0210",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0210"
},
{
"name": "CVE-2021-3772",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3772"
},
{
"name": "CVE-2022-2663",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2663"
},
{
"name": "CVE-2021-3659",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3659"
},
{
"name": "CVE-2023-26607",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26607"
},
{
"name": "CVE-2022-3649",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3649"
},
{
"name": "CVE-2021-3428",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3428"
},
{
"name": "CVE-2022-3545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3545"
},
{
"name": "CVE-2022-0494",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0494"
},
{
"name": "CVE-2021-28712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28712"
},
{
"name": "CVE-2023-23559",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23559"
},
{
"name": "CVE-2022-39188",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39188"
},
{
"name": "CVE-2022-3111",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3111"
},
{
"name": "CVE-2022-41850",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41850"
},
{
"name": "CVE-2022-3646",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3646"
},
{
"name": "CVE-2022-42328",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42328"
},
{
"name": "CVE-2021-26401",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26401"
},
{
"name": "CVE-2021-45868",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45868"
},
{
"name": "CVE-2023-26545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26545"
},
{
"name": "CVE-2021-3669",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3669"
},
{
"name": "CVE-2022-3640",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3640"
},
{
"name": "CVE-2023-1095",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1095"
},
{
"name": "CVE-2023-1118",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1118"
},
{
"name": "CVE-2022-26373",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26373"
},
{
"name": "CVE-2023-0394",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0394"
},
{
"name": "CVE-2022-2318",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2318"
},
{
"name": "CVE-2022-3303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3303"
},
{
"name": "CVE-2022-3424",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3424"
},
{
"name": "CVE-2022-36879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36879"
},
{
"name": "CVE-2022-2991",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2991"
},
{
"name": "CVE-2022-48424",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48424"
},
{
"name": "CVE-2021-3732",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3732"
},
{
"name": "CVE-2022-48423",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48423"
},
{
"name": "CVE-2023-0045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0045"
},
{
"name": "CVE-2022-1205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1205"
},
{
"name": "CVE-2022-20369",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20369"
},
{
"name": "CVE-2021-4149",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4149"
},
{
"name": "CVE-2022-0617",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0617"
},
{
"name": "CVE-2022-3061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3061"
},
{
"name": "CVE-2022-3521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3521"
},
{
"name": "CVE-2022-2503",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2503"
},
{
"name": "CVE-2022-1974",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1974"
},
{
"name": "CVE-2022-1516",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1516"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0315",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-04-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux d\u0027Ubuntu\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un\ncontournement de la politique de s\u00e9curit\u00e9, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9\ndes donn\u00e9es, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une\n\u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6009-1 du 11 avril 2023",
"url": "https://ubuntu.com/security/notices/USN-6009-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6004-1 du 11 avril 2023",
"url": "https://ubuntu.com/security/notices/USN-6004-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6014-1 du 12 avril 2023",
"url": "https://ubuntu.com/security/notices/USN-6014-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6013-1 du 12 avril 2023",
"url": "https://ubuntu.com/security/notices/USN-6013-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6007-1 du 11 avril 2023",
"url": "https://ubuntu.com/security/notices/USN-6007-1"
}
]
}
BDU:2022-07327
Vulnerability from fstec - Published: 03.03.2022
VLAI Severity ?
Title
Уязвимость функции free_charger_irq() в модуле drivers/power/supply/wm8350_power.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или повысить свои привилегии
Description
Уязвимость функции free_charger_irq() в модуле drivers/power/supply/wm8350_power.c ядра операционной системы Linux связана с ошибкой разыменования указателя. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании или повысить свои привилегии
Severity ?
Vendor
ООО «РусБИТех-Астра», Сообщество свободного программного обеспечения, АО "НППКТ"
Software Name
Astra Linux Special Edition (запись в едином реестре российских программ №369), Linux, ОСОН ОСнова Оnyx (запись в едином реестре российских программ №5913)
Software Version
1.6 «Смоленск» (Astra Linux Special Edition), 1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), от 4.0 до 4.9.310 включительно (Linux), от 4.10 до 4.14.275 включительно (Linux), до 2.7 (ОСОН ОСнова Оnyx), от 5.5 до 5.10.109 включительно (Linux), от 5.11 до 5.15.32 включительно (Linux), от 5.16.0 до 5.16.18 включительно (Linux), от 5.17.0 до 5.17.1 включительно (Linux), от 4.15 до 4.19.237 включительно (Linux), от 4.20 до 5.4.188 включительно (Linux)
Possible Mitigations
Использование рекомендаций:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=6dee930f6f6776d1e5a7edf542c6863b47d9f078
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.311
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.2
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.19
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.110
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.276
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.189
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.33
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.238
Для ОСОН ОСнова Оnyx (версия 2.7):
Обновление программного обеспечения linux до версии 5.15.86-1.osnova211
Для Astra Linux Special Edition 1.7: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2023-0303SE17MD
Для Astra Linux Special Edition для архитектуры ARM для 4.7: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2023-0316SE47MD
Для ОС Astra Linux Special Edition 1.7:
- обновить пакет linux до 5.4.0-162.astra1+ci6 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2023-1023SE17
- обновить пакет linux-5.10 до 5.10.142-1.astra6+ci24 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2023-1023SE17
Для ОС Astra Linux 1.6 «Смоленск»:
- обновить пакет linux до 5.4.0-162.astra1+ci21 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20231214SE16
- обновить пакет linux-5.10 до 5.10.142-1.astra6+ci38 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20231214SE16
Reference
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3111
https://bugzilla.redhat.com/show_bug.cgi?id=2153059
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=6dee930f6f6776d1e5a7edf542c6863b47d9f078
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.311
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.2
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.19
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.110
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.276
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.189
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.33
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.238
https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.7/
https://wiki.astralinux.ru/astra-linux-se17-bulletin-2023-0303SE17MD
https://wiki.astralinux.ru/astra-linux-se47-bulletin-2023-0316SE47MD
https://wiki.astralinux.ru/astra-linux-se17-bulletin-2023-1023SE17
https://wiki.astralinux.ru/astra-linux-se16-bulletin-20220829SE16
CWE
CWE-476
{
"CVSS 2.0": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
"CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\"",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), 1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), \u043e\u0442 4.0 \u0434\u043e 4.9.310 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 4.10 \u0434\u043e 4.14.275 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u0434\u043e 2.7 (\u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx), \u043e\u0442 5.5 \u0434\u043e 5.10.109 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 5.11 \u0434\u043e 5.15.32 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 5.16.0 \u0434\u043e 5.16.18 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 5.17.0 \u0434\u043e 5.17.1 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 4.15 \u0434\u043e 4.19.237 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 4.20 \u0434\u043e 5.4.188 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2\u0026id=6dee930f6f6776d1e5a7edf542c6863b47d9f078\nhttps://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.311\nhttps://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.2\nhttps://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.19\nhttps://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.110\nhttps://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.276\nhttps://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.189\nhttps://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.33\nhttps://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.238\n\n\u0414\u043b\u044f \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx (\u0432\u0435\u0440\u0441\u0438\u044f 2.7):\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f linux \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 5.15.86-1.osnova211\n\n\u0414\u043b\u044f Astra Linux Special Edition 1.7: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2023-0303SE17MD\n\n\u0414\u043b\u044f Astra Linux Special Edition \u0434\u043b\u044f \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b ARM \u0434\u043b\u044f 4.7: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2023-0316SE47MD\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux Special Edition 1.7:\n- \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 linux \u0434\u043e 5.4.0-162.astra1+ci6 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2023-1023SE17\n- \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 linux-5.10 \u0434\u043e 5.10.142-1.astra6+ci24 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2023-1023SE17\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb:\n- \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 linux \u0434\u043e 5.4.0-162.astra1+ci21 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20231214SE16\n- \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 linux-5.10 \u0434\u043e 5.10.142-1.astra6+ci38 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20231214SE16",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "03.03.2022",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "30.09.2024",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "22.12.2022",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2022-07327",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2022-3111",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Linux, \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 4.7 ARM (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 4.0 \u0434\u043e 4.9.310 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 4.10 \u0434\u043e 4.14.275 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\" \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx \u0434\u043e 2.7 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913), \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.5 \u0434\u043e 5.10.109 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.11 \u0434\u043e 5.15.32 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.16.0 \u0434\u043e 5.16.18 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.17.0 \u0434\u043e 5.17.1 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 4.15 \u0434\u043e 4.19.237 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 4.20 \u0434\u043e 5.4.188 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e ",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 free_charger_irq() \u0432 \u043c\u043e\u0434\u0443\u043b\u0435 drivers/power/supply/wm8350_power.c \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0438\u043b\u0438 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0420\u0430\u0437\u044b\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044f NULL (CWE-476)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 free_charger_irq() \u0432 \u043c\u043e\u0434\u0443\u043b\u0435 drivers/power/supply/wm8350_power.c \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0448\u0438\u0431\u043a\u043e\u0439 \u0440\u0430\u0437\u044b\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044f. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0438\u043b\u0438 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3111\nhttps://bugzilla.redhat.com/show_bug.cgi?id=2153059\nhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2\u0026id=6dee930f6f6776d1e5a7edf542c6863b47d9f078\nhttps://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.311\nhttps://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.2\nhttps://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.19\nhttps://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.110\nhttps://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.276\nhttps://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.189\nhttps://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.33\nhttps://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.238\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.7/\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2023-0303SE17MD\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2023-0316SE47MD\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2023-1023SE17\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20220829SE16",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-476",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,6)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,5)"
}
FKIE_CVE-2022-3111
Vulnerability from fkie_nvd - Published: 2022-12-14 21:15 - Updated: 2025-04-22 14:15
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger().
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=2153059 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=6dee930f6f6776d1e5a7edf542c6863b47d9f078 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=2153059 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=6dee930f6f6776d1e5a7edf542c6863b47d9f078 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | 5.16.0 | |
| linux | linux_kernel | 5.16.0 | |
| linux | linux_kernel | 5.16.0 | |
| linux | linux_kernel | 5.16.0 | |
| linux | linux_kernel | 5.16.0 | |
| linux | linux_kernel | 5.16.0 | |
| linux | linux_kernel | 5.16.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02711EF3-4708-401A-A551-BF2666F9CB9A",
"versionEndExcluding": "5.16.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16.0:-:*:*:*:*:*:*",
"matchCriteriaId": "6D91531A-B5F0-42DC-BF86-12BDB991AAD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7FEA1289-2893-487A-B46C-75AA73FB409A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "366AF5E2-1187-4871-95D7-17FB5AC61153",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "EDAA6EAB-A0D8-4522-93CD-E939BE5AC78B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "420512FD-751B-491E-9F9E-79F6733A876D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "21E83CF6-6096-4011-9C22-67225992771A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16.0:rc6:*:*:*:*:*:*",
"matchCriteriaId": "C109325B-0F6B-405E-8490-0A55A2294D79",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger()."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en el kernel de Linux hasta 5.16-rc6. free_charger_irq() en drivers/power/supply/wm8350_power.c carece de WM8350_IRQ_CHG_FAST_RDY, que est\u00e1 registrado en wm8350_init_charger()."
}
],
"id": "CVE-2022-3111",
"lastModified": "2025-04-22T14:15:19.850",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-12-14T21:15:12.407",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153059"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2\u0026id=6dee930f6f6776d1e5a7edf542c6863b47d9f078"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153059"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2\u0026id=6dee930f6f6776d1e5a7edf542c6863b47d9f078"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
GHSA-6543-HMM7-9CV7
Vulnerability from github – Published: 2022-12-14 21:30 – Updated: 2022-12-16 21:30
VLAI?
Details
An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger().
Severity ?
5.5 (Medium)
{
"affected": [],
"aliases": [
"CVE-2022-3111"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-12-14T21:15:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger().",
"id": "GHSA-6543-hmm7-9cv7",
"modified": "2022-12-16T21:30:44Z",
"published": "2022-12-14T21:30:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3111"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153059"
},
{
"type": "WEB",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2\u0026id=6dee930f6f6776d1e5a7edf542c6863b47d9f078"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2022-3111
Vulnerability from gsd - Updated: 2023-12-13 01:19Details
An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger().
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-3111",
"id": "GSD-2022-3111",
"references": [
"https://www.suse.com/security/cve/CVE-2022-3111.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-3111"
],
"details": "An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger().",
"id": "GSD-2022-3111",
"modified": "2023-12-13T01:19:40.206521Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2022-3111",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Kernel",
"version": {
"version_data": [
{
"version_value": "Linux 5.16-rc6"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-476"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2\u0026id=6dee930f6f6776d1e5a7edf542c6863b47d9f078",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2\u0026id=6dee930f6f6776d1e5a7edf542c6863b47d9f078"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2153059",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153059"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:5.16.0:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:5.16.0:rc6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:5.16.0:rc5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:5.16.0:rc4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:5.16.0:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:5.16.0:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.16.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:5.16.0:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2022-3111"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2153059",
"refsource": "MISC",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153059"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2\u0026id=6dee930f6f6776d1e5a7edf542c6863b47d9f078",
"refsource": "MISC",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2\u0026id=6dee930f6f6776d1e5a7edf542c6863b47d9f078"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
},
"lastModifiedDate": "2022-12-16T21:14Z",
"publishedDate": "2022-12-14T21:15Z"
}
}
}
MSRC_CVE-2022-3111
Vulnerability from csaf_microsoft - Published: 2022-12-02 00:00 - Updated: 2022-12-17 00:00Summary
An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY which is registered in wm8350_init_charger().
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
5.5 (Medium)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 18518-16820 | — | ||
| Unresolved product id: 18513-17086 | — |
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2022/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2022/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2022-3111 An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY which is registered in wm8350_init_charger(). - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2022/msrc_cve-2022-3111.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY which is registered in wm8350_init_charger().",
"tracking": {
"current_release_date": "2022-12-17T00:00:00.000Z",
"generator": {
"date": "2025-10-20T00:09:03.018Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2022-3111",
"initial_release_date": "2022-12-02T00:00:00.000Z",
"revision_history": [
{
"date": "2022-12-17T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "1.0",
"product": {
"name": "CBL Mariner 1.0",
"product_id": "16820"
}
},
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccm1 kernel 5.10.158.1-1",
"product": {
"name": "\u003ccm1 kernel 5.10.158.1-1",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "cm1 kernel 5.10.158.1-1",
"product": {
"name": "cm1 kernel 5.10.158.1-1",
"product_id": "18518"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 kernel 5.15.86.1-1",
"product": {
"name": "\u003ccbl2 kernel 5.15.86.1-1",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "cbl2 kernel 5.15.86.1-1",
"product": {
"name": "cbl2 kernel 5.15.86.1-1",
"product_id": "18513"
}
}
],
"category": "product_name",
"name": "kernel"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccm1 kernel 5.10.158.1-1 as a component of CBL Mariner 1.0",
"product_id": "16820-1"
},
"product_reference": "1",
"relates_to_product_reference": "16820"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cm1 kernel 5.10.158.1-1 as a component of CBL Mariner 1.0",
"product_id": "18518-16820"
},
"product_reference": "18518",
"relates_to_product_reference": "16820"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 kernel 5.15.86.1-1 as a component of CBL Mariner 2.0",
"product_id": "17086-2"
},
"product_reference": "2",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 kernel 5.15.86.1-1 as a component of CBL Mariner 2.0",
"product_id": "18513-17086"
},
"product_reference": "18513",
"relates_to_product_reference": "17086"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-3111",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "general",
"text": "redhat",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"18518-16820",
"18513-17086"
],
"known_affected": [
"16820-1",
"17086-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-3111 An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY which is registered in wm8350_init_charger(). - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2022/msrc_cve-2022-3111.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-17T00:00:00.000Z",
"details": "5.10.158.1-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"16820-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2022-12-17T00:00:00.000Z",
"details": "5.15.86.1-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-2"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalsScore": 0.0,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"16820-1",
"17086-2"
]
}
],
"title": "An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY which is registered in wm8350_init_charger()."
}
]
}
SUSE-SU-2023:0134-1
Vulnerability from csaf_suse - Published: 2023-01-25 10:16 - Updated: 2023-01-25 10:16Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2022-3435: Fixed an out-of-bounds read in fib_nh_match() of the file net/ipv4/fib_semantics.c (bsc#1204171).
- CVE-2022-4662: Fixed a recursive locking violation in usb-storage that can cause the kernel to deadlock. (bsc#1206664)
- CVE-2022-3105: Fixed a null pointer dereference caused by a missing check of the return value of kmalloc_array. (bsc#1206398)
- CVE-2022-3108: Fixed a bug in kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c where a lack of check of the return value of kmemdup() could lead to a NULL pointer dereference. (bsc#1206389)
- CVE-2022-3106: Fixed a null pointer dereference caused by a missing check of the return value of kmalloc. (bsc#1206397)
- CVE-2022-3107: Fixed a null pointer dereference caused by a missing check of the return value of kvmalloc_array. (bsc#1206395)
- CVE-2022-3111: Fixed a missing release of resource after effective lifetime bug caused by a missing free of the WM8350_IRQ_CHG_FAST_RDY in wm8350_init_charger. (bsc#1206394)
- CVE-2022-42328: Fixed a bug which could allow guests to trigger denial of service via the netback driver (bsc#1206114).
- CVE-2022-42329: Fixed a bug which could allow guests to trigger denial of service via the netback driver (bsc#1206113).
- CVE-2022-3643: Fixed a bug which could allow guests to trigger NIC interface reset/abort/crash via netback driver (bsc#1206113).
- CVE-2019-19083: Fixed a memory leaks in clock_source_create that could allow attackers to cause a denial of service (bsc#1157049).
The following non-security bugs were fixed:
- afs: Fix some tracing details (git-fixes).
- block: Do not reread partition table on exclusively open device (bsc#1190969).
- cuse: prevent clone (bsc#1206177).
- dt-bindings: clocks: imx8mp: Add ID for usb suspend clock (git-fixes).
- efi: Add iMac Pro 2017 to uefi skip cert quirk (git-fixes).
- fuse: do not check refcount after stealing page (bsc#1206174).
- fuse: fix the ->direct_IO() treatment of iov_iter (bsc#1206176).
- fuse: fix use after free in fuse_read_interrupt() (bsc#1206178).
- fuse: lock inode unconditionally in fuse_fallocate() (bsc#1206179).
- fuse: update attr_version counter on fuse_notify_inval_inode() (bsc#1206175).
- ipv6: ping: fix wrong checksum for large frames (bsc#1203183).
- kbuild: Unify options for BTF generation for vmlinux and modules (bsc#1204693).
- mm, page_alloc: avoid expensive reclaim when compaction may not succeed (bsc#1204250).
- net: mana: Fix race on per-CQ variable napi work_done (git-fixes).
- net: usb: cdc_ncm: do not spew notifications (git-fixes).
- net: usb: qmi_wwan: add u-blox 0x1342 composition (git-fixes).
- rtc: pcf85063: Fix reading alarm (git-fixes).
- s390/boot: add secure boot trailer (bsc#1205256 LTC#1205256).
- tracing: Add tracing_reset_all_online_cpus_unlocked() function (git-fixes).
- tracing: Delete all matched events (git-fixes).
- tracing: Free buffers when a used dynamic event is removed (git-fixes).
- usb: host: xhci-hub: fix extra endianness conversion (git-fixes).
- usbnet: move new members to end (git-fixes).
Patchnames: SUSE-2023-134,SUSE-SLE-Module-RT-15-SP3-2023-134,SUSE-SUSE-MicroOS-5.1-2023-134,SUSE-SUSE-MicroOS-5.2-2023-134,openSUSE-Leap-Micro-5.2-2023-134
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.5 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.7 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.7 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.7 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
59 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/s… | self |
| https://www.suse.com/support/update/announcement/… | self |
| https://lists.suse.com/pipermail/sle-security-upd… | self |
| https://bugzilla.suse.com/1151927 | self |
| https://bugzilla.suse.com/1157049 | self |
| https://bugzilla.suse.com/1190969 | self |
| https://bugzilla.suse.com/1203183 | self |
| https://bugzilla.suse.com/1204171 | self |
| https://bugzilla.suse.com/1204250 | self |
| https://bugzilla.suse.com/1204693 | self |
| https://bugzilla.suse.com/1205256 | self |
| https://bugzilla.suse.com/1206113 | self |
| https://bugzilla.suse.com/1206114 | self |
| https://bugzilla.suse.com/1206174 | self |
| https://bugzilla.suse.com/1206175 | self |
| https://bugzilla.suse.com/1206176 | self |
| https://bugzilla.suse.com/1206177 | self |
| https://bugzilla.suse.com/1206178 | self |
| https://bugzilla.suse.com/1206179 | self |
| https://bugzilla.suse.com/1206389 | self |
| https://bugzilla.suse.com/1206394 | self |
| https://bugzilla.suse.com/1206395 | self |
| https://bugzilla.suse.com/1206397 | self |
| https://bugzilla.suse.com/1206398 | self |
| https://bugzilla.suse.com/1206664 | self |
| https://www.suse.com/security/cve/CVE-2019-19083/ | self |
| https://www.suse.com/security/cve/CVE-2022-3105/ | self |
| https://www.suse.com/security/cve/CVE-2022-3106/ | self |
| https://www.suse.com/security/cve/CVE-2022-3107/ | self |
| https://www.suse.com/security/cve/CVE-2022-3108/ | self |
| https://www.suse.com/security/cve/CVE-2022-3111/ | self |
| https://www.suse.com/security/cve/CVE-2022-3435/ | self |
| https://www.suse.com/security/cve/CVE-2022-3643/ | self |
| https://www.suse.com/security/cve/CVE-2022-42328/ | self |
| https://www.suse.com/security/cve/CVE-2022-42329/ | self |
| https://www.suse.com/security/cve/CVE-2022-4662/ | self |
| https://www.suse.com/security/cve/CVE-2019-19083 | external |
| https://bugzilla.suse.com/1157049 | external |
| https://www.suse.com/security/cve/CVE-2022-3105 | external |
| https://bugzilla.suse.com/1206398 | external |
| https://www.suse.com/security/cve/CVE-2022-3106 | external |
| https://bugzilla.suse.com/1206397 | external |
| https://www.suse.com/security/cve/CVE-2022-3107 | external |
| https://bugzilla.suse.com/1206395 | external |
| https://www.suse.com/security/cve/CVE-2022-3108 | external |
| https://bugzilla.suse.com/1206389 | external |
| https://www.suse.com/security/cve/CVE-2022-3111 | external |
| https://bugzilla.suse.com/1206394 | external |
| https://www.suse.com/security/cve/CVE-2022-3435 | external |
| https://bugzilla.suse.com/1204171 | external |
| https://www.suse.com/security/cve/CVE-2022-3643 | external |
| https://bugzilla.suse.com/1206113 | external |
| https://www.suse.com/security/cve/CVE-2022-42328 | external |
| https://bugzilla.suse.com/1206114 | external |
| https://www.suse.com/security/cve/CVE-2022-42329 | external |
| https://bugzilla.suse.com/1206114 | external |
| https://www.suse.com/security/cve/CVE-2022-4662 | external |
| https://bugzilla.suse.com/1206664 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2022-3435: Fixed an out-of-bounds read in fib_nh_match() of the file net/ipv4/fib_semantics.c (bsc#1204171).\n- CVE-2022-4662: Fixed a recursive locking violation in usb-storage that can cause the kernel to deadlock. (bsc#1206664)\n- CVE-2022-3105: Fixed a null pointer dereference caused by a missing check of the return value of kmalloc_array. (bsc#1206398)\n- CVE-2022-3108: Fixed a bug in kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c where a lack of check of the return value of kmemdup() could lead to a NULL pointer dereference. (bsc#1206389)\n- CVE-2022-3106: Fixed a null pointer dereference caused by a missing check of the return value of kmalloc. (bsc#1206397)\n- CVE-2022-3107: Fixed a null pointer dereference caused by a missing check of the return value of kvmalloc_array. (bsc#1206395)\n- CVE-2022-3111: Fixed a missing release of resource after effective lifetime bug caused by a missing free of the WM8350_IRQ_CHG_FAST_RDY in wm8350_init_charger. (bsc#1206394)\n- CVE-2022-42328: Fixed a bug which could allow guests to trigger denial of service via the netback driver (bsc#1206114).\n- CVE-2022-42329: Fixed a bug which could allow guests to trigger denial of service via the netback driver (bsc#1206113).\n- CVE-2022-3643: Fixed a bug which could allow guests to trigger NIC interface reset/abort/crash via netback driver (bsc#1206113).\n- CVE-2019-19083: Fixed a memory leaks in clock_source_create that could allow attackers to cause a denial of service (bsc#1157049).\n\nThe following non-security bugs were fixed:\n\n- afs: Fix some tracing details (git-fixes).\n- block: Do not reread partition table on exclusively open device (bsc#1190969).\n- cuse: prevent clone (bsc#1206177).\n- dt-bindings: clocks: imx8mp: Add ID for usb suspend clock (git-fixes).\n- efi: Add iMac Pro 2017 to uefi skip cert quirk (git-fixes).\n- fuse: do not check refcount after stealing page (bsc#1206174).\n- fuse: fix the -\u003edirect_IO() treatment of iov_iter (bsc#1206176).\n- fuse: fix use after free in fuse_read_interrupt() (bsc#1206178).\n- fuse: lock inode unconditionally in fuse_fallocate() (bsc#1206179).\n- fuse: update attr_version counter on fuse_notify_inval_inode() (bsc#1206175).\n- ipv6: ping: fix wrong checksum for large frames (bsc#1203183).\n- kbuild: Unify options for BTF generation for vmlinux and modules (bsc#1204693).\n- mm, page_alloc: avoid expensive reclaim when compaction may not succeed (bsc#1204250).\n- net: mana: Fix race on per-CQ variable napi work_done (git-fixes).\n- net: usb: cdc_ncm: do not spew notifications (git-fixes).\n- net: usb: qmi_wwan: add u-blox 0x1342 composition (git-fixes).\n- rtc: pcf85063: Fix reading alarm (git-fixes).\n- s390/boot: add secure boot trailer (bsc#1205256 LTC#1205256).\n- tracing: Add tracing_reset_all_online_cpus_unlocked() function (git-fixes).\n- tracing: Delete all matched events (git-fixes).\n- tracing: Free buffers when a used dynamic event is removed (git-fixes).\n- usb: host: xhci-hub: fix extra endianness conversion (git-fixes).\n- usbnet: move new members to end (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-134,SUSE-SLE-Module-RT-15-SP3-2023-134,SUSE-SUSE-MicroOS-5.1-2023-134,SUSE-SUSE-MicroOS-5.2-2023-134,openSUSE-Leap-Micro-5.2-2023-134",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_0134-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:0134-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230134-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:0134-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-January/013523.html"
},
{
"category": "self",
"summary": "SUSE Bug 1151927",
"url": "https://bugzilla.suse.com/1151927"
},
{
"category": "self",
"summary": "SUSE Bug 1157049",
"url": "https://bugzilla.suse.com/1157049"
},
{
"category": "self",
"summary": "SUSE Bug 1190969",
"url": "https://bugzilla.suse.com/1190969"
},
{
"category": "self",
"summary": "SUSE Bug 1203183",
"url": "https://bugzilla.suse.com/1203183"
},
{
"category": "self",
"summary": "SUSE Bug 1204171",
"url": "https://bugzilla.suse.com/1204171"
},
{
"category": "self",
"summary": "SUSE Bug 1204250",
"url": "https://bugzilla.suse.com/1204250"
},
{
"category": "self",
"summary": "SUSE Bug 1204693",
"url": "https://bugzilla.suse.com/1204693"
},
{
"category": "self",
"summary": "SUSE Bug 1205256",
"url": "https://bugzilla.suse.com/1205256"
},
{
"category": "self",
"summary": "SUSE Bug 1206113",
"url": "https://bugzilla.suse.com/1206113"
},
{
"category": "self",
"summary": "SUSE Bug 1206114",
"url": "https://bugzilla.suse.com/1206114"
},
{
"category": "self",
"summary": "SUSE Bug 1206174",
"url": "https://bugzilla.suse.com/1206174"
},
{
"category": "self",
"summary": "SUSE Bug 1206175",
"url": "https://bugzilla.suse.com/1206175"
},
{
"category": "self",
"summary": "SUSE Bug 1206176",
"url": "https://bugzilla.suse.com/1206176"
},
{
"category": "self",
"summary": "SUSE Bug 1206177",
"url": "https://bugzilla.suse.com/1206177"
},
{
"category": "self",
"summary": "SUSE Bug 1206178",
"url": "https://bugzilla.suse.com/1206178"
},
{
"category": "self",
"summary": "SUSE Bug 1206179",
"url": "https://bugzilla.suse.com/1206179"
},
{
"category": "self",
"summary": "SUSE Bug 1206389",
"url": "https://bugzilla.suse.com/1206389"
},
{
"category": "self",
"summary": "SUSE Bug 1206394",
"url": "https://bugzilla.suse.com/1206394"
},
{
"category": "self",
"summary": "SUSE Bug 1206395",
"url": "https://bugzilla.suse.com/1206395"
},
{
"category": "self",
"summary": "SUSE Bug 1206397",
"url": "https://bugzilla.suse.com/1206397"
},
{
"category": "self",
"summary": "SUSE Bug 1206398",
"url": "https://bugzilla.suse.com/1206398"
},
{
"category": "self",
"summary": "SUSE Bug 1206664",
"url": "https://bugzilla.suse.com/1206664"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19083 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3105 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3105/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3106 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3106/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3107 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3107/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3108 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3108/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3111 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3111/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3435 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3435/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3643 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3643/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-42328 page",
"url": "https://www.suse.com/security/cve/CVE-2022-42328/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-42329 page",
"url": "https://www.suse.com/security/cve/CVE-2022-42329/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4662 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4662/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2023-01-25T10:16:28Z",
"generator": {
"date": "2023-01-25T10:16:28Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:0134-1",
"initial_release_date": "2023-01-25T10:16:28Z",
"revision_history": [
{
"date": "2023-01-25T10:16:28Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-5.3.18-150300.115.1.noarch",
"product": {
"name": "kernel-devel-rt-5.3.18-150300.115.1.noarch",
"product_id": "kernel-devel-rt-5.3.18-150300.115.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-5.3.18-150300.115.1.noarch",
"product": {
"name": "kernel-source-rt-5.3.18-150300.115.1.noarch",
"product_id": "kernel-source-rt-5.3.18-150300.115.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"product_id": "cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-rt_debug-5.3.18-150300.115.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt_debug-5.3.18-150300.115.1.x86_64",
"product_id": "cluster-md-kmp-rt_debug-5.3.18-150300.115.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"product": {
"name": "dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"product_id": "dlm-kmp-rt-5.3.18-150300.115.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt_debug-5.3.18-150300.115.1.x86_64",
"product": {
"name": "dlm-kmp-rt_debug-5.3.18-150300.115.1.x86_64",
"product_id": "dlm-kmp-rt_debug-5.3.18-150300.115.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"product_id": "gfs2-kmp-rt-5.3.18-150300.115.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt_debug-5.3.18-150300.115.1.x86_64",
"product": {
"name": "gfs2-kmp-rt_debug-5.3.18-150300.115.1.x86_64",
"product_id": "gfs2-kmp-rt_debug-5.3.18-150300.115.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-5.3.18-150300.115.1.x86_64",
"product": {
"name": "kernel-rt-5.3.18-150300.115.1.x86_64",
"product_id": "kernel-rt-5.3.18-150300.115.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"product": {
"name": "kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"product_id": "kernel-rt-devel-5.3.18-150300.115.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-5.3.18-150300.115.1.x86_64",
"product": {
"name": "kernel-rt-extra-5.3.18-150300.115.1.x86_64",
"product_id": "kernel-rt-extra-5.3.18-150300.115.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-devel-5.3.18-150300.115.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-devel-5.3.18-150300.115.1.x86_64",
"product_id": "kernel-rt-livepatch-devel-5.3.18-150300.115.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-optional-5.3.18-150300.115.1.x86_64",
"product": {
"name": "kernel-rt-optional-5.3.18-150300.115.1.x86_64",
"product_id": "kernel-rt-optional-5.3.18-150300.115.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-5.3.18-150300.115.1.x86_64",
"product": {
"name": "kernel-rt_debug-5.3.18-150300.115.1.x86_64",
"product_id": "kernel-rt_debug-5.3.18-150300.115.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"product": {
"name": "kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"product_id": "kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-extra-5.3.18-150300.115.1.x86_64",
"product": {
"name": "kernel-rt_debug-extra-5.3.18-150300.115.1.x86_64",
"product_id": "kernel-rt_debug-extra-5.3.18-150300.115.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-livepatch-devel-5.3.18-150300.115.1.x86_64",
"product": {
"name": "kernel-rt_debug-livepatch-devel-5.3.18-150300.115.1.x86_64",
"product_id": "kernel-rt_debug-livepatch-devel-5.3.18-150300.115.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-optional-5.3.18-150300.115.1.x86_64",
"product": {
"name": "kernel-rt_debug-optional-5.3.18-150300.115.1.x86_64",
"product_id": "kernel-rt_debug-optional-5.3.18-150300.115.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"product": {
"name": "kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"product_id": "kernel-syms-rt-5.3.18-150300.115.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-5.3.18-150300.115.1.x86_64",
"product": {
"name": "kselftests-kmp-rt-5.3.18-150300.115.1.x86_64",
"product_id": "kselftests-kmp-rt-5.3.18-150300.115.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt_debug-5.3.18-150300.115.1.x86_64",
"product": {
"name": "kselftests-kmp-rt_debug-5.3.18-150300.115.1.x86_64",
"product_id": "kselftests-kmp-rt_debug-5.3.18-150300.115.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"product_id": "ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt_debug-5.3.18-150300.115.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt_debug-5.3.18-150300.115.1.x86_64",
"product_id": "ocfs2-kmp-rt_debug-5.3.18-150300.115.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt-5.3.18-150300.115.1.x86_64",
"product": {
"name": "reiserfs-kmp-rt-5.3.18-150300.115.1.x86_64",
"product_id": "reiserfs-kmp-rt-5.3.18-150300.115.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt_debug-5.3.18-150300.115.1.x86_64",
"product": {
"name": "reiserfs-kmp-rt_debug-5.3.18-150300.115.1.x86_64",
"product_id": "reiserfs-kmp-rt_debug-5.3.18-150300.115.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Real Time Module 15 SP3",
"product": {
"name": "SUSE Real Time Module 15 SP3",
"product_id": "SUSE Real Time Module 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-rt:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.2"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap Micro 5.2",
"product": {
"name": "openSUSE Leap Micro 5.2",
"product_id": "openSUSE Leap Micro 5.2",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap-micro:5.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64 as component of SUSE Real Time Module 15 SP3",
"product_id": "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-5.3.18-150300.115.1.x86_64 as component of SUSE Real Time Module 15 SP3",
"product_id": "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64"
},
"product_reference": "dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-5.3.18-150300.115.1.x86_64 as component of SUSE Real Time Module 15 SP3",
"product_id": "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64"
},
"product_reference": "gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-5.3.18-150300.115.1.noarch as component of SUSE Real Time Module 15 SP3",
"product_id": "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch"
},
"product_reference": "kernel-devel-rt-5.3.18-150300.115.1.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.3.18-150300.115.1.x86_64 as component of SUSE Real Time Module 15 SP3",
"product_id": "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64"
},
"product_reference": "kernel-rt-5.3.18-150300.115.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-5.3.18-150300.115.1.x86_64 as component of SUSE Real Time Module 15 SP3",
"product_id": "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64"
},
"product_reference": "kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64 as component of SUSE Real Time Module 15 SP3",
"product_id": "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64"
},
"product_reference": "kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-5.3.18-150300.115.1.noarch as component of SUSE Real Time Module 15 SP3",
"product_id": "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch"
},
"product_reference": "kernel-source-rt-5.3.18-150300.115.1.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-5.3.18-150300.115.1.x86_64 as component of SUSE Real Time Module 15 SP3",
"product_id": "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64"
},
"product_reference": "kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64 as component of SUSE Real Time Module 15 SP3",
"product_id": "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.3.18-150300.115.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64"
},
"product_reference": "kernel-rt-5.3.18-150300.115.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.3.18-150300.115.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
},
"product_reference": "kernel-rt-5.3.18-150300.115.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.3.18-150300.115.1.x86_64 as component of openSUSE Leap Micro 5.2",
"product_id": "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
},
"product_reference": "kernel-rt-5.3.18-150300.115.1.x86_64",
"relates_to_product_reference": "openSUSE Leap Micro 5.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-19083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19083"
}
],
"notes": [
{
"category": "general",
"text": "Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, the dce100_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, the dcn20_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn20/dcn20_resource.c, the dce120_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, and the dce80_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce80/dce80_resource.c, aka CID-055e547478a1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19083",
"url": "https://www.suse.com/security/cve/CVE-2019-19083"
},
{
"category": "external",
"summary": "SUSE Bug 1157049 for CVE-2019-19083",
"url": "https://bugzilla.suse.com/1157049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-01-25T10:16:28Z",
"details": "moderate"
}
],
"title": "CVE-2019-19083"
},
{
"cve": "CVE-2022-3105",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3105"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 5.16-rc6. uapi_finalize in drivers/infiniband/core/uverbs_uapi.c lacks check of kmalloc_array().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3105",
"url": "https://www.suse.com/security/cve/CVE-2022-3105"
},
{
"category": "external",
"summary": "SUSE Bug 1206398 for CVE-2022-3105",
"url": "https://bugzilla.suse.com/1206398"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-01-25T10:16:28Z",
"details": "moderate"
}
],
"title": "CVE-2022-3105"
},
{
"cve": "CVE-2022-3106",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3106"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 5.16-rc6. ef100_update_stats in drivers/net/ethernet/sfc/ef100_nic.c lacks check of the return value of kmalloc().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3106",
"url": "https://www.suse.com/security/cve/CVE-2022-3106"
},
{
"category": "external",
"summary": "SUSE Bug 1206397 for CVE-2022-3106",
"url": "https://bugzilla.suse.com/1206397"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-01-25T10:16:28Z",
"details": "moderate"
}
],
"title": "CVE-2022-3106"
},
{
"cve": "CVE-2022-3107",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3107"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 5.16-rc6. netvsc_get_ethtool_stats in drivers/net/hyperv/netvsc_drv.c lacks check of the return value of kvmalloc_array() and will cause the null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3107",
"url": "https://www.suse.com/security/cve/CVE-2022-3107"
},
{
"category": "external",
"summary": "SUSE Bug 1206395 for CVE-2022-3107",
"url": "https://bugzilla.suse.com/1206395"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-01-25T10:16:28Z",
"details": "moderate"
}
],
"title": "CVE-2022-3107"
},
{
"cve": "CVE-2022-3108",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3108"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdup().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3108",
"url": "https://www.suse.com/security/cve/CVE-2022-3108"
},
{
"category": "external",
"summary": "SUSE Bug 1206389 for CVE-2022-3108",
"url": "https://bugzilla.suse.com/1206389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-01-25T10:16:28Z",
"details": "moderate"
}
],
"title": "CVE-2022-3108"
},
{
"cve": "CVE-2022-3111",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3111"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3111",
"url": "https://www.suse.com/security/cve/CVE-2022-3111"
},
{
"category": "external",
"summary": "SUSE Bug 1206394 for CVE-2022-3111",
"url": "https://bugzilla.suse.com/1206394"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-01-25T10:16:28Z",
"details": "moderate"
}
],
"title": "CVE-2022-3111"
},
{
"cve": "CVE-2022-3435",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3435"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fib_nh_match of the file net/ipv4/fib_semantics.c of the component IPv4 Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-210357 was assigned to this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3435",
"url": "https://www.suse.com/security/cve/CVE-2022-3435"
},
{
"category": "external",
"summary": "SUSE Bug 1204171 for CVE-2022-3435",
"url": "https://bugzilla.suse.com/1204171"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-01-25T10:16:28Z",
"details": "moderate"
}
],
"title": "CVE-2022-3435"
},
{
"cve": "CVE-2022-3643",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3643"
}
],
"notes": [
{
"category": "general",
"text": "Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux based network backend by sending certain kinds of packets. It appears to be an (unwritten?) assumption in the rest of the Linux network stack that packet protocol headers are all contained within the linear section of the SKB and some NICs behave badly if this is not the case. This has been reported to occur with Cisco (enic) and Broadcom NetXtrem II BCM5780 (bnx2x) though it may be an issue with other NICs/drivers as well. In case the frontend is sending requests with split headers, netback will forward those violating above mentioned assumption to the networking core, resulting in said misbehavior.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3643",
"url": "https://www.suse.com/security/cve/CVE-2022-3643"
},
{
"category": "external",
"summary": "SUSE Bug 1206113 for CVE-2022-3643",
"url": "https://bugzilla.suse.com/1206113"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-01-25T10:16:28Z",
"details": "moderate"
}
],
"title": "CVE-2022-3643"
},
{
"cve": "CVE-2022-42328",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-42328"
}
],
"notes": [
{
"category": "general",
"text": "Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-42328",
"url": "https://www.suse.com/security/cve/CVE-2022-42328"
},
{
"category": "external",
"summary": "SUSE Bug 1206114 for CVE-2022-42328",
"url": "https://bugzilla.suse.com/1206114"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-01-25T10:16:28Z",
"details": "moderate"
}
],
"title": "CVE-2022-42328"
},
{
"cve": "CVE-2022-42329",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-42329"
}
],
"notes": [
{
"category": "general",
"text": "Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-42329",
"url": "https://www.suse.com/security/cve/CVE-2022-42329"
},
{
"category": "external",
"summary": "SUSE Bug 1206114 for CVE-2022-42329",
"url": "https://bugzilla.suse.com/1206114"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-01-25T10:16:28Z",
"details": "moderate"
}
],
"title": "CVE-2022-42329"
},
{
"cve": "CVE-2022-4662",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4662"
}
],
"notes": [
{
"category": "general",
"text": "A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4662",
"url": "https://www.suse.com/security/cve/CVE-2022-4662"
},
{
"category": "external",
"summary": "SUSE Bug 1206664 for CVE-2022-4662",
"url": "https://bugzilla.suse.com/1206664"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.115.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.115.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.115.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.115.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-01-25T10:16:28Z",
"details": "moderate"
}
],
"title": "CVE-2022-4662"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…