{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2023-2124: Fixed an out of bound access in the XFS subsystem that could have lead to denial-of-service or potentially privilege escalation (bsc#1210498).\n- CVE-2023-1872:Fixed a use after free vulnerability in the io_uring subsystem, which could lead to local privilege escalation (bsc#1210414).\n- CVE-2022-2196: Fixed a regression related to KVM that allowed for speculative execution attacks (bsc#1206992).\n- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).\n- CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).\n- CVE-2023-2176: A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege (bsc#1210629).\n- CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).\n- CVE-2023-30772: Fixed a race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).\n- CVE-2023-2008: A flaw was found in the fault handler of the udmabuf device driver. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code (bsc#1210453).\n- CVE-2023-1855: Fixed a use after free in xgene_hwmon_remove (bsc#1210202).\n- CVE-2020-36691: Fixed a denial of service vulnerability via a nested Netlink policy with a back reference (bsc#1209777).\n- CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).\n- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).\n- CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot (bsc#1209687).\n- CVE-2023-1838: Fixed an use-after-free flaw in virtio network subcomponent. This flaw could allow a local attacker to crash the system and lead to a kernel information leak problem. (bsc#1210203).\n\nThe following non-security bugs were fixed:\n\n- Drivers: vmbus: Check for channel allocation before looking up relids (git-fixes).\n- cifs: fix negotiate context parsing (bsc#1210301).\n- keys: Fix linking a duplicate key to a keyring\u0027s assoc_array (bsc#1207088).\n- vmxnet3: use gro callback when UPT is enabled (bsc#1209739).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2023-2147,SUSE-SLE-Module-RT-15-SP3-2023-2147,SUSE-SUSE-MicroOS-5.1-2023-2147,SUSE-SUSE-MicroOS-5.2-2023-2147",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2147-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2023:2147-1",
        "url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232147-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2023:2147-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2023-May/029301.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1202353",
        "url": "https://bugzilla.suse.com/1202353"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1206992",
        "url": "https://bugzilla.suse.com/1206992"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1207088",
        "url": "https://bugzilla.suse.com/1207088"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1209687",
        "url": "https://bugzilla.suse.com/1209687"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1209739",
        "url": "https://bugzilla.suse.com/1209739"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1209777",
        "url": "https://bugzilla.suse.com/1209777"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1209871",
        "url": "https://bugzilla.suse.com/1209871"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1210202",
        "url": "https://bugzilla.suse.com/1210202"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1210203",
        "url": "https://bugzilla.suse.com/1210203"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1210301",
        "url": "https://bugzilla.suse.com/1210301"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1210329",
        "url": "https://bugzilla.suse.com/1210329"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1210336",
        "url": "https://bugzilla.suse.com/1210336"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1210337",
        "url": "https://bugzilla.suse.com/1210337"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1210414",
        "url": "https://bugzilla.suse.com/1210414"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1210453",
        "url": "https://bugzilla.suse.com/1210453"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1210469",
        "url": "https://bugzilla.suse.com/1210469"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1210498",
        "url": "https://bugzilla.suse.com/1210498"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1210506",
        "url": "https://bugzilla.suse.com/1210506"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1210629",
        "url": "https://bugzilla.suse.com/1210629"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1210647",
        "url": "https://bugzilla.suse.com/1210647"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-36691 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-36691/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-2196 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-2196/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-1611 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-1611/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-1670 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-1670/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-1838 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-1838/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-1855 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-1855/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-1872 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-1872/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-1989 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-1989/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-1990 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-1990/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-1998 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-1998/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-2008 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-2008/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-2124 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-2124/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-2162 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-2162/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-2176 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-2176/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-30772 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-30772/"
      }
    ],
    "title": "Security update for the Linux Kernel",
    "tracking": {
      "current_release_date": "2023-05-09T15:04:16Z",
      "generator": {
        "date": "2023-05-09T15:04:16Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2023:2147-1",
      "initial_release_date": "2023-05-09T15:04:16Z",
      "revision_history": [
        {
          "date": "2023-05-09T15:04:16Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-devel-rt-5.3.18-150300.127.1.noarch",
                "product": {
                  "name": "kernel-devel-rt-5.3.18-150300.127.1.noarch",
                  "product_id": "kernel-devel-rt-5.3.18-150300.127.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-rt-5.3.18-150300.127.1.noarch",
                "product": {
                  "name": "kernel-source-rt-5.3.18-150300.127.1.noarch",
                  "product_id": "kernel-source-rt-5.3.18-150300.127.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
                "product": {
                  "name": "cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
                  "product_id": "cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "cluster-md-kmp-rt_debug-5.3.18-150300.127.1.x86_64",
                "product": {
                  "name": "cluster-md-kmp-rt_debug-5.3.18-150300.127.1.x86_64",
                  "product_id": "cluster-md-kmp-rt_debug-5.3.18-150300.127.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
                "product": {
                  "name": "dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
                  "product_id": "dlm-kmp-rt-5.3.18-150300.127.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-rt_debug-5.3.18-150300.127.1.x86_64",
                "product": {
                  "name": "dlm-kmp-rt_debug-5.3.18-150300.127.1.x86_64",
                  "product_id": "dlm-kmp-rt_debug-5.3.18-150300.127.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
                "product": {
                  "name": "gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
                  "product_id": "gfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-rt_debug-5.3.18-150300.127.1.x86_64",
                "product": {
                  "name": "gfs2-kmp-rt_debug-5.3.18-150300.127.1.x86_64",
                  "product_id": "gfs2-kmp-rt_debug-5.3.18-150300.127.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-5.3.18-150300.127.1.x86_64",
                "product": {
                  "name": "kernel-rt-5.3.18-150300.127.1.x86_64",
                  "product_id": "kernel-rt-5.3.18-150300.127.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-devel-5.3.18-150300.127.1.x86_64",
                "product": {
                  "name": "kernel-rt-devel-5.3.18-150300.127.1.x86_64",
                  "product_id": "kernel-rt-devel-5.3.18-150300.127.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-extra-5.3.18-150300.127.1.x86_64",
                "product": {
                  "name": "kernel-rt-extra-5.3.18-150300.127.1.x86_64",
                  "product_id": "kernel-rt-extra-5.3.18-150300.127.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-livepatch-devel-5.3.18-150300.127.1.x86_64",
                "product": {
                  "name": "kernel-rt-livepatch-devel-5.3.18-150300.127.1.x86_64",
                  "product_id": "kernel-rt-livepatch-devel-5.3.18-150300.127.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-optional-5.3.18-150300.127.1.x86_64",
                "product": {
                  "name": "kernel-rt-optional-5.3.18-150300.127.1.x86_64",
                  "product_id": "kernel-rt-optional-5.3.18-150300.127.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt_debug-5.3.18-150300.127.1.x86_64",
                "product": {
                  "name": "kernel-rt_debug-5.3.18-150300.127.1.x86_64",
                  "product_id": "kernel-rt_debug-5.3.18-150300.127.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
                "product": {
                  "name": "kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
                  "product_id": "kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt_debug-extra-5.3.18-150300.127.1.x86_64",
                "product": {
                  "name": "kernel-rt_debug-extra-5.3.18-150300.127.1.x86_64",
                  "product_id": "kernel-rt_debug-extra-5.3.18-150300.127.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt_debug-livepatch-devel-5.3.18-150300.127.1.x86_64",
                "product": {
                  "name": "kernel-rt_debug-livepatch-devel-5.3.18-150300.127.1.x86_64",
                  "product_id": "kernel-rt_debug-livepatch-devel-5.3.18-150300.127.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt_debug-optional-5.3.18-150300.127.1.x86_64",
                "product": {
                  "name": "kernel-rt_debug-optional-5.3.18-150300.127.1.x86_64",
                  "product_id": "kernel-rt_debug-optional-5.3.18-150300.127.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-rt-5.3.18-150300.127.1.x86_64",
                "product": {
                  "name": "kernel-syms-rt-5.3.18-150300.127.1.x86_64",
                  "product_id": "kernel-syms-rt-5.3.18-150300.127.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-rt-5.3.18-150300.127.1.x86_64",
                "product": {
                  "name": "kselftests-kmp-rt-5.3.18-150300.127.1.x86_64",
                  "product_id": "kselftests-kmp-rt-5.3.18-150300.127.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-rt_debug-5.3.18-150300.127.1.x86_64",
                "product": {
                  "name": "kselftests-kmp-rt_debug-5.3.18-150300.127.1.x86_64",
                  "product_id": "kselftests-kmp-rt_debug-5.3.18-150300.127.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
                "product": {
                  "name": "ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
                  "product_id": "ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-rt_debug-5.3.18-150300.127.1.x86_64",
                "product": {
                  "name": "ocfs2-kmp-rt_debug-5.3.18-150300.127.1.x86_64",
                  "product_id": "ocfs2-kmp-rt_debug-5.3.18-150300.127.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-rt-5.3.18-150300.127.1.x86_64",
                "product": {
                  "name": "reiserfs-kmp-rt-5.3.18-150300.127.1.x86_64",
                  "product_id": "reiserfs-kmp-rt-5.3.18-150300.127.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-rt_debug-5.3.18-150300.127.1.x86_64",
                "product": {
                  "name": "reiserfs-kmp-rt_debug-5.3.18-150300.127.1.x86_64",
                  "product_id": "reiserfs-kmp-rt_debug-5.3.18-150300.127.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Real Time Module 15 SP3",
                "product": {
                  "name": "SUSE Real Time Module 15 SP3",
                  "product_id": "SUSE Real Time Module 15 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-rt:15:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Micro 5.1",
                "product": {
                  "name": "SUSE Linux Enterprise Micro 5.1",
                  "product_id": "SUSE Linux Enterprise Micro 5.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse-microos:5.1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Micro 5.2",
                "product": {
                  "name": "SUSE Linux Enterprise Micro 5.2",
                  "product_id": "SUSE Linux Enterprise Micro 5.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse-microos:5.2"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64 as component of SUSE Real Time Module 15 SP3",
          "product_id": "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64"
        },
        "product_reference": "cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-rt-5.3.18-150300.127.1.x86_64 as component of SUSE Real Time Module 15 SP3",
          "product_id": "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64"
        },
        "product_reference": "dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-rt-5.3.18-150300.127.1.x86_64 as component of SUSE Real Time Module 15 SP3",
          "product_id": "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
        },
        "product_reference": "gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-rt-5.3.18-150300.127.1.noarch as component of SUSE Real Time Module 15 SP3",
          "product_id": "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch"
        },
        "product_reference": "kernel-devel-rt-5.3.18-150300.127.1.noarch",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-5.3.18-150300.127.1.x86_64 as component of SUSE Real Time Module 15 SP3",
          "product_id": "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64"
        },
        "product_reference": "kernel-rt-5.3.18-150300.127.1.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-devel-5.3.18-150300.127.1.x86_64 as component of SUSE Real Time Module 15 SP3",
          "product_id": "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64"
        },
        "product_reference": "kernel-rt-devel-5.3.18-150300.127.1.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64 as component of SUSE Real Time Module 15 SP3",
          "product_id": "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64"
        },
        "product_reference": "kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-rt-5.3.18-150300.127.1.noarch as component of SUSE Real Time Module 15 SP3",
          "product_id": "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch"
        },
        "product_reference": "kernel-source-rt-5.3.18-150300.127.1.noarch",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-rt-5.3.18-150300.127.1.x86_64 as component of SUSE Real Time Module 15 SP3",
          "product_id": "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64"
        },
        "product_reference": "kernel-syms-rt-5.3.18-150300.127.1.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64 as component of SUSE Real Time Module 15 SP3",
          "product_id": "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
        },
        "product_reference": "ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-5.3.18-150300.127.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
          "product_id": "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64"
        },
        "product_reference": "kernel-rt-5.3.18-150300.127.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-5.3.18-150300.127.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
          "product_id": "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64"
        },
        "product_reference": "kernel-rt-5.3.18-150300.127.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-36691",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-36691"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a denial of service (unbounded recursion) via a nested Netlink policy with a back reference.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-36691",
          "url": "https://www.suse.com/security/cve/CVE-2020-36691"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1209613 for CVE-2020-36691",
          "url": "https://bugzilla.suse.com/1209613"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1209777 for CVE-2020-36691",
          "url": "https://bugzilla.suse.com/1209777"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-09T15:04:16Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2020-36691"
    },
    {
      "cve": "CVE-2022-2196",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-2196"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks.  L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn\u0027t need retpolines or IBPB  after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker at L2 with code execution can execute code on an indirect branch on the host machine. We recommend upgrading to Kernel 6.2 or past commit  2e7eab81425a",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-2196",
          "url": "https://www.suse.com/security/cve/CVE-2022-2196"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1206992 for CVE-2022-2196",
          "url": "https://bugzilla.suse.com/1206992"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-09T15:04:16Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-2196"
    },
    {
      "cve": "CVE-2023-1611",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-1611"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This flaw allows an attacker to crash the system and possibly cause a kernel information lea",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-1611",
          "url": "https://www.suse.com/security/cve/CVE-2023-1611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1209687 for CVE-2023-1611",
          "url": "https://bugzilla.suse.com/1209687"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-09T15:04:16Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-1611"
    },
    {
      "cve": "CVE-2023-1670",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-1670"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-1670",
          "url": "https://www.suse.com/security/cve/CVE-2023-1670"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1209871 for CVE-2023-1670",
          "url": "https://bugzilla.suse.com/1209871"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1222212 for CVE-2023-1670",
          "url": "https://bugzilla.suse.com/1222212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-09T15:04:16Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-1670"
    },
    {
      "cve": "CVE-2023-1838",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-1838"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a double fget. This flaw could allow a local attacker to crash the system, and could even lead to a kernel information leak problem.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-1838",
          "url": "https://www.suse.com/security/cve/CVE-2023-1838"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210203 for CVE-2023-1838",
          "url": "https://bugzilla.suse.com/1210203"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-09T15:04:16Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-1838"
    },
    {
      "cve": "CVE-2023-1855",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-1855"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver (xgene-hwmon). This flaw could allow a local attacker to crash the system due to a race problem. This vulnerability could even lead to a kernel information leak problem.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-1855",
          "url": "https://www.suse.com/security/cve/CVE-2023-1855"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210202 for CVE-2023-1855",
          "url": "https://bugzilla.suse.com/1210202"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-09T15:04:16Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-1855"
    },
    {
      "cve": "CVE-2023-1872",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-1872"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability in the Linux Kernel io_uring system can be exploited to achieve local privilege escalation.\n\nThe io_file_get_fixed function lacks the presence of ctx-\u003euring_lock which can lead to a Use-After-Free vulnerability due a race condition with fixed files getting unregistered.\n\nWe recommend upgrading past commit da24142b1ef9fd5d36b76e36bab328a5b27523e8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-1872",
          "url": "https://www.suse.com/security/cve/CVE-2023-1872"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210414 for CVE-2023-1872",
          "url": "https://bugzilla.suse.com/1210414"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210417 for CVE-2023-1872",
          "url": "https://bugzilla.suse.com/1210417"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-09T15:04:16Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-1872"
    },
    {
      "cve": "CVE-2023-1989",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-1989"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free flaw was found in btsdio_remove in drivers\\bluetooth\\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-1989",
          "url": "https://www.suse.com/security/cve/CVE-2023-1989"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210336 for CVE-2023-1989",
          "url": "https://bugzilla.suse.com/1210336"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210500 for CVE-2023-1989",
          "url": "https://bugzilla.suse.com/1210500"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213841 for CVE-2023-1989",
          "url": "https://bugzilla.suse.com/1213841"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213842 for CVE-2023-1989",
          "url": "https://bugzilla.suse.com/1213842"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1214128 for CVE-2023-1989",
          "url": "https://bugzilla.suse.com/1214128"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-09T15:04:16Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-1989"
    },
    {
      "cve": "CVE-2023-1990",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-1990"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-1990",
          "url": "https://www.suse.com/security/cve/CVE-2023-1990"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210337 for CVE-2023-1990",
          "url": "https://bugzilla.suse.com/1210337"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210501 for CVE-2023-1990",
          "url": "https://bugzilla.suse.com/1210501"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1214128 for CVE-2023-1990",
          "url": "https://bugzilla.suse.com/1214128"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-09T15:04:16Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-1990"
    },
    {
      "cve": "CVE-2023-1998",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-1998"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim process exposed to attacks in some cases even after enabling the spectre-BTI mitigation with prctl. The same behavior can be observed on a bare-metal machine when forcing the mitigation to IBRS on boot command line.\n\nThis happened because when plain IBRS was enabled (not enhanced IBRS), the kernel had some logic that determined that STIBP was not needed. The IBRS bit implicitly protects against cross-thread branch target injection. However, with legacy IBRS, the IBRS bit was cleared on returning to userspace, due to performance reasons, which disabled the implicit STIBP and left userspace threads vulnerable to cross-thread branch target injection against which STIBP protects.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-1998",
          "url": "https://www.suse.com/security/cve/CVE-2023-1998"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210506 for CVE-2023-1998",
          "url": "https://bugzilla.suse.com/1210506"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-09T15:04:16Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-1998"
    },
    {
      "cve": "CVE-2023-2008",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-2008"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in the Linux kernel\u0027s udmabuf device driver. The specific flaw exists within a fault handler. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an array. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-2008",
          "url": "https://www.suse.com/security/cve/CVE-2023-2008"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210453 for CVE-2023-2008",
          "url": "https://bugzilla.suse.com/1210453"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-09T15:04:16Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-2008"
    },
    {
      "cve": "CVE-2023-2124",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-2124"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An out-of-bounds memory access flaw was found in the Linux kernel\u0027s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-2124",
          "url": "https://www.suse.com/security/cve/CVE-2023-2124"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210498 for CVE-2023-2124",
          "url": "https://bugzilla.suse.com/1210498"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-09T15:04:16Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-2124"
    },
    {
      "cve": "CVE-2023-2162",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-2162"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-2162",
          "url": "https://www.suse.com/security/cve/CVE-2023-2162"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210647 for CVE-2023-2162",
          "url": "https://bugzilla.suse.com/1210647"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210662 for CVE-2023-2162",
          "url": "https://bugzilla.suse.com/1210662"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213841 for CVE-2023-2162",
          "url": "https://bugzilla.suse.com/1213841"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213842 for CVE-2023-2162",
          "url": "https://bugzilla.suse.com/1213842"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1214128 for CVE-2023-2162",
          "url": "https://bugzilla.suse.com/1214128"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1222212 for CVE-2023-2162",
          "url": "https://bugzilla.suse.com/1222212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-09T15:04:16Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-2162"
    },
    {
      "cve": "CVE-2023-2176",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-2176"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-2176",
          "url": "https://www.suse.com/security/cve/CVE-2023-2176"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210629 for CVE-2023-2176",
          "url": "https://bugzilla.suse.com/1210629"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210630 for CVE-2023-2176",
          "url": "https://bugzilla.suse.com/1210630"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213842 for CVE-2023-2176",
          "url": "https://bugzilla.suse.com/1213842"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-09T15:04:16Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-2176"
    },
    {
      "cve": "CVE-2023-30772",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-30772"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically proximate attacker unplugs a device.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-30772",
          "url": "https://www.suse.com/security/cve/CVE-2023-30772"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210329 for CVE-2023-30772",
          "url": "https://bugzilla.suse.com/1210329"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-09T15:04:16Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-30772"
    }
  ]
}