Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-2483 (GCVE-0-2023-2483)
Vulnerability from cvelistv5 – Published: – Updated: 2023-05-23 00:00
VLAI
EPSS
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-33203. Reason: This candidate is a reservation duplicate of CVE-2023-33203. Notes: All CVE users should reference CVE-2023-33203 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Show details on NVD website{
"containers": {
"cna": {
"providerMetadata": {
"dateUpdated": "2023-05-23T00:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"rejectedReasons": [
{
"lang": "en",
"value": "DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-33203. Reason: This candidate is a reservation duplicate of CVE-2023-33203. Notes: All CVE users should reference CVE-2023-33203 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2023-2483",
"dateRejected": "2023-05-23T00:00:00.000Z",
"dateReserved": "2023-05-02T00:00:00.000Z",
"dateUpdated": "2023-05-23T00:00:00.000Z",
"state": "REJECTED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.0",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-33203. Reason: This candidate is a reservation duplicate of CVE-2023-33203. Notes: All CVE users should reference CVE-2023-33203 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.\"}]",
"id": "CVE-2023-2483",
"lastModified": "2023-11-07T04:12:45.080",
"published": "2023-05-23T13:15:09.783",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Rejected"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-2483\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2023-05-23T13:15:09.783\",\"lastModified\":\"2023-11-07T04:12:45.080\",\"vulnStatus\":\"Rejected\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-33203. Reason: This candidate is a reservation duplicate of CVE-2023-33203. Notes: All CVE users should reference CVE-2023-33203 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.\"}],\"metrics\":{},\"references\":[]}}"
}
}
CERTFR-2023-AVI-0395
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité des données, une exécution de code arbitraire à distance, une atteinte à l'intégrité des données, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 12 SP4 | ||
| SUSE | N/A | SUSE OpenStack Cloud Crowbar 9 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.4 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro for Rancher 5.4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12 SP4 LTSS 12-SP4 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.3 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability Extension 12 SP4 | ||
| SUSE | openSUSE Leap | openSUSE Leap Micro 5.3 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro for Rancher 5.3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12 SP4 ESPOS 12-SP4 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP4 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 12 SP4 | ||
| SUSE | SUSE Real Time Module | SUSE Real Time Module 15-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP4 | ||
| SUSE | N/A | SUSE OpenStack Cloud 9 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12 SP4 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.4 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP4 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE OpenStack Cloud Crowbar 9",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP4 LTSS 12-SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 12 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap Micro 5.3",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP4 ESPOS 12-SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 12 SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Real Time Module 15-SP4",
"product": {
"name": "SUSE Real Time Module",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE OpenStack Cloud 9",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-30772",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30772"
},
{
"name": "CVE-2023-28328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28328"
},
{
"name": "CVE-2023-2008",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2008"
},
{
"name": "CVE-2023-1076",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1076"
},
{
"name": "CVE-2023-2235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2235"
},
{
"name": "CVE-2023-23454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23454"
},
{
"name": "CVE-2021-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4203"
},
{
"name": "CVE-2023-23455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23455"
},
{
"name": "CVE-2023-1989",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1989"
},
{
"name": "CVE-2023-1855",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1855"
},
{
"name": "CVE-2023-2019",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2019"
},
{
"name": "CVE-2022-2196",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2196"
},
{
"name": "CVE-2023-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1390"
},
{
"name": "CVE-2021-3923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3923"
},
{
"name": "CVE-2023-1670",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1670"
},
{
"name": "CVE-2023-2176",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2176"
},
{
"name": "CVE-2023-2162",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2162"
},
{
"name": "CVE-2023-1990",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1990"
},
{
"name": "CVE-2023-28464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28464"
},
{
"name": "CVE-2023-1998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1998"
},
{
"name": "CVE-2023-28772",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28772"
},
{
"name": "CVE-2022-43945",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43945"
},
{
"name": "CVE-2017-5753",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5753"
},
{
"name": "CVE-2022-20567",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20567"
},
{
"name": "CVE-2023-1095",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1095"
},
{
"name": "CVE-2023-1118",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1118"
},
{
"name": "CVE-2023-0386",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0386"
},
{
"name": "CVE-2020-36691",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36691"
},
{
"name": "CVE-2023-23006",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23006"
},
{
"name": "CVE-2023-1513",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1513"
},
{
"name": "CVE-2023-2483",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2483"
},
{
"name": "CVE-2023-0597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0597"
},
{
"name": "CVE-2023-0590",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0590"
},
{
"name": "CVE-2023-1611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1611"
},
{
"name": "CVE-2023-2124",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2124"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0395",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-05-19T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux de SUSE\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es, une ex\u00e9cution de code arbitraire \u00e0\ndistance, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es, un d\u00e9ni de service\u00a0\u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:2232-1 du 17 mai 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232232-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:2231-1 du 17 mai 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232231-1/"
}
]
}
CERTFR-2023-AVI-0474
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire et un déni de service.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE 11-SP4 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 12 SP5 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP4 | ||
| SUSE | Public Cloud Module | Public Cloud Module 15-SP4 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.3 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 12 SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12 SP5 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.2 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.1 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 12 SP5 | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.3 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro for Rancher 5.2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 11 SP4 | ||
| SUSE | SUSE Real Time Module | SUSE Real Time Module 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP4 | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.3 |
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Real Time 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE 11-SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 12 SP5",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Public Cloud Module 15-SP4",
"product": {
"name": "Public Cloud Module",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.3",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.3",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Real Time Module 15-SP3",
"product": {
"name": "SUSE Real Time Module",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.3",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-1382",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1382"
},
{
"name": "CVE-2023-3006",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3006"
},
{
"name": "CVE-2023-28466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28466"
},
{
"name": "CVE-2023-28328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28328"
},
{
"name": "CVE-2023-23454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23454"
},
{
"name": "CVE-2023-2002",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2002"
},
{
"name": "CVE-2023-23455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23455"
},
{
"name": "CVE-2022-4269",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4269"
},
{
"name": "CVE-2022-45884",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45884"
},
{
"name": "CVE-2023-1989",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1989"
},
{
"name": "CVE-2022-3567",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3567"
},
{
"name": "CVE-2023-2513",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2513"
},
{
"name": "CVE-2023-31084",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31084"
},
{
"name": "CVE-2022-45919",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45919"
},
{
"name": "CVE-2023-31436",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31436"
},
{
"name": "CVE-2023-2194",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2194"
},
{
"name": "CVE-2023-32269",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32269"
},
{
"name": "CVE-2022-45886",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45886"
},
{
"name": "CVE-2023-23586",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23586"
},
{
"name": "CVE-2023-1670",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1670"
},
{
"name": "CVE-2023-2176",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2176"
},
{
"name": "CVE-2023-2162",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2162"
},
{
"name": "CVE-2023-1079",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1079"
},
{
"name": "CVE-2023-23559",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23559"
},
{
"name": "CVE-2023-33288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33288"
},
{
"name": "CVE-2023-28410",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28410"
},
{
"name": "CVE-2017-5753",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5753"
},
{
"name": "CVE-2023-1380",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1380"
},
{
"name": "CVE-2022-45887",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45887"
},
{
"name": "CVE-2023-1118",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1118"
},
{
"name": "CVE-2023-2269",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2269"
},
{
"name": "CVE-2023-30456",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30456"
},
{
"name": "CVE-2022-45885",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45885"
},
{
"name": "CVE-2023-1513",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1513"
},
{
"name": "CVE-2023-2483",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2483"
},
{
"name": "CVE-2020-36694",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36694"
},
{
"name": "CVE-2023-32233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32233"
},
{
"name": "CVE-2023-2156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2156"
},
{
"name": "CVE-2023-1637",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1637"
},
{
"name": "CVE-2018-9517",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9517"
},
{
"name": "CVE-2023-0590",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0590"
},
{
"name": "CVE-2022-3566",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3566"
},
{
"name": "CVE-2023-2124",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2124"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0474",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-06-16T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire et un d\u00e9ni de service.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232506-1 du 14 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232506-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232502-1 du 13 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232502-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232500-1 du 13 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232500-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232507-1 du 14 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232507-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232501-1 du 13 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232501-1/"
}
]
}
CERTFR-2023-AVI-0489
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP1 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.5 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP3 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.2 | ||
| SUSE | N/A | SUSE CaaS Platform 4.0 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 12 SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 12 SP4 | ||
| SUSE | N/A | SUSE OpenStack Cloud Crowbar 9 | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.2 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP1 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP5 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 12 SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12 SP5 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.2 | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP1 Business Critical Linux 15-SP1 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP3 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.1 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability Extension 12 SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12 SP4 LTSS 12-SP4 | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.0 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability Extension 15 SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability Extension 12 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 12 12-SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12 SP4 ESPOS 12-SP4 | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.0 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP3 Business Critical Linux 15-SP3 | ||
| SUSE | N/A | SUSE Enterprise Storage 7.1 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP3 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 12 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability Extension 15 SP1 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro for Rancher 5.2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP1 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 | ||
| SUSE | N/A | SUSE Linux Enterprise Software Development Kit 12 SP5 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP3 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP1 | ||
| SUSE | N/A | SUSE OpenStack Cloud 9 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12 SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP3 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.0 |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing LTSS 15 SP3",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.2",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE CaaS Platform 4.0",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 12 SP5",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE OpenStack Cloud Crowbar 9",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.2",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP1",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.2",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP1 Business Critical Linux 15-SP1",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 12 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP4 LTSS 12-SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.0",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 12 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 12 12-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP4 ESPOS 12-SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.0",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP3 Business Critical Linux 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Enterprise Storage 7.1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 12 SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP3",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP1",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE OpenStack Cloud 9",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.0",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-28466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28466"
},
{
"name": "CVE-2022-4269",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4269"
},
{
"name": "CVE-2022-45884",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45884"
},
{
"name": "CVE-2023-2513",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2513"
},
{
"name": "CVE-2023-31084",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31084"
},
{
"name": "CVE-2022-45919",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45919"
},
{
"name": "CVE-2023-31436",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31436"
},
{
"name": "CVE-2023-2194",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2194"
},
{
"name": "CVE-2023-32269",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32269"
},
{
"name": "CVE-2022-45886",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45886"
},
{
"name": "CVE-2023-23586",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23586"
},
{
"name": "CVE-2023-2176",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2176"
},
{
"name": "CVE-2023-1079",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1079"
},
{
"name": "CVE-2023-33288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33288"
},
{
"name": "CVE-2023-1380",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1380"
},
{
"name": "CVE-2022-45887",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45887"
},
{
"name": "CVE-2021-29650",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29650"
},
{
"name": "CVE-2023-2269",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2269"
},
{
"name": "CVE-2022-45885",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45885"
},
{
"name": "CVE-2023-1077",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1077"
},
{
"name": "CVE-2023-2483",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2483"
},
{
"name": "CVE-2020-36694",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36694"
},
{
"name": "CVE-2023-32233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32233"
},
{
"name": "CVE-2023-2156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2156"
},
{
"name": "CVE-2023-1637",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1637"
},
{
"name": "CVE-2022-3566",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3566"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0489",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-06-23T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux de SUSE\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire,\nune \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:2611-1 du 22 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232611-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:2534-1 du 19 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232534-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:2538-1 du 19 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232538-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:2537-1 du 19 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232537-1/"
}
]
}
CERTFR-2023-AVI-0507
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP1 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 15 SP4 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 12 SP5 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 12 SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP2 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP2 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP1 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.3 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP5 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.4 | ||
| SUSE | Basesystem Module | Basesystem Module 15-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability Extension 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 12 SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12 SP5 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP3 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.1 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro for Rancher 5.4 | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.1 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.3 | ||
| SUSE | N/A | Legacy Module 15-SP4 | ||
| SUSE | N/A | SUSE Enterprise Storage 7 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 | ||
| SUSE | openSUSE Leap | openSUSE Leap Micro 5.3 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro for Rancher 5.3 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.1 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP2 Business Critical Linux 15-SP2 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP4 | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.3 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP3 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 12 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability Extension 15 SP2 | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.1 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP1 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP3 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP1 | ||
| SUSE | N/A | Development Tools Module 15-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12 SP4 | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 | ||
| SUSE | SUSE Linux Enterprise Desktop | SUSE Linux Enterprise Desktop 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP3 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.4 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP4 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP2 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 12 SP5",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP2",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP1",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.3",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Basesystem Module 15-SP4",
"product": {
"name": "Basesystem Module",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.1",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Legacy Module 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Enterprise Storage 7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap Micro 5.3",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.1",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP2 Business Critical Linux 15-SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.3",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 12 SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.1",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP3",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP1",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Development Tools Module 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.3",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Desktop 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Desktop",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP2",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-1382",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1382"
},
{
"name": "CVE-2023-3006",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3006"
},
{
"name": "CVE-2023-28466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28466"
},
{
"name": "CVE-2023-2002",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2002"
},
{
"name": "CVE-2023-23455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23455"
},
{
"name": "CVE-2022-4269",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4269"
},
{
"name": "CVE-2022-45884",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45884"
},
{
"name": "CVE-2023-2513",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2513"
},
{
"name": "CVE-2023-31084",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31084"
},
{
"name": "CVE-2022-45919",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45919"
},
{
"name": "CVE-2023-31436",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31436"
},
{
"name": "CVE-2023-2194",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2194"
},
{
"name": "CVE-2023-32269",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32269"
},
{
"name": "CVE-2023-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1390"
},
{
"name": "CVE-2022-45886",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45886"
},
{
"name": "CVE-2023-23586",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23586"
},
{
"name": "CVE-2023-2162",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2162"
},
{
"name": "CVE-2023-1079",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1079"
},
{
"name": "CVE-2022-4744",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4744"
},
{
"name": "CVE-2023-33288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33288"
},
{
"name": "CVE-2023-28410",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28410"
},
{
"name": "CVE-2023-1380",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1380"
},
{
"name": "CVE-2022-45887",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45887"
},
{
"name": "CVE-2021-29650",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29650"
},
{
"name": "CVE-2023-2269",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2269"
},
{
"name": "CVE-2023-30456",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30456"
},
{
"name": "CVE-2022-45885",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45885"
},
{
"name": "CVE-2023-2483",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2483"
},
{
"name": "CVE-2020-36694",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36694"
},
{
"name": "CVE-2023-32233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32233"
},
{
"name": "CVE-2023-2156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2156"
},
{
"name": "CVE-2023-1637",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1637"
},
{
"name": "CVE-2022-3566",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3566"
},
{
"name": "CVE-2023-2124",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2124"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0507",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-06-30T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232727-1 du 29 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232727-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232681-1 du 28 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232681-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232724-1 du 29 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232724-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232709-1 du 29 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232709-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232708-1 du 29 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232708-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232694-1 du 28 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232694-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232679-1 du 28 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232679-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232720-1 du 29 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232720-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232687-1 du 28 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232687-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232660-1 du 27 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232660-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232700-1 du 28 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232700-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232718-1 du 29 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232718-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232686-1 du 28 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232686-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232666-1 du 28 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232666-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232721-1 du 29 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232721-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232689-1 du 28 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232689-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232698-1 du 28 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232698-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232734-1 du 29 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232734-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232703-1 du 29 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232703-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232651-1 du 27 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232651-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232697-1 du 28 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232697-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232731-1 du 29 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232731-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232701-1 du 29 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232701-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232695-1 du 28 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232695-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232653-1 du 27 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232653-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232702-1 du 29 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232702-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232710-1 du 29 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232710-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232735-1 du 29 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232735-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232714-1 du 29 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232714-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232680-1 du 28 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232680-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232690-1 du 28 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232690-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232719-1 du 29 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232719-1/"
}
]
}
CERTFR-2023-AVI-0517
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité, un déni de service, une élévation de privilèges, une atteinte à l'intégrité des données, une atteinte à la confidentialité des données et une exécution de code arbitraire.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP4 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.4 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP3 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.1 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro for Rancher 5.4 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.3 | ||
| SUSE | openSUSE Leap | openSUSE Leap Micro 5.3 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro for Rancher 5.3 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP3 | ||
| SUSE | SUSE Real Time Module | SUSE Real Time Module 15-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP4 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP3 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.4 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP4 |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap Micro 5.3",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Real Time Module 15-SP4",
"product": {
"name": "SUSE Real Time Module",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP3",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-1382",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1382"
},
{
"name": "CVE-2023-3006",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3006"
},
{
"name": "CVE-2023-28466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28466"
},
{
"name": "CVE-2023-2002",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2002"
},
{
"name": "CVE-2023-23455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23455"
},
{
"name": "CVE-2022-4269",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4269"
},
{
"name": "CVE-2022-45884",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45884"
},
{
"name": "CVE-2023-35788",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35788"
},
{
"name": "CVE-2023-2513",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2513"
},
{
"name": "CVE-2023-35828",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35828"
},
{
"name": "CVE-2023-31084",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31084"
},
{
"name": "CVE-2022-45919",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45919"
},
{
"name": "CVE-2023-31436",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31436"
},
{
"name": "CVE-2023-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1390"
},
{
"name": "CVE-2022-45886",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45886"
},
{
"name": "CVE-2023-2162",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2162"
},
{
"name": "CVE-2023-1079",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1079"
},
{
"name": "CVE-2022-4744",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4744"
},
{
"name": "CVE-2023-33288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33288"
},
{
"name": "CVE-2023-3161",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3161"
},
{
"name": "CVE-2023-35823",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35823"
},
{
"name": "CVE-2023-28410",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28410"
},
{
"name": "CVE-2023-1380",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1380"
},
{
"name": "CVE-2022-45887",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45887"
},
{
"name": "CVE-2023-21102",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21102"
},
{
"name": "CVE-2023-2269",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2269"
},
{
"name": "CVE-2023-1249",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1249"
},
{
"name": "CVE-2023-3141",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3141"
},
{
"name": "CVE-2023-30456",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30456"
},
{
"name": "CVE-2022-45885",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45885"
},
{
"name": "CVE-2023-1077",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1077"
},
{
"name": "CVE-2023-2483",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2483"
},
{
"name": "CVE-2023-32233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32233"
},
{
"name": "CVE-2023-2156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2156"
},
{
"name": "CVE-2023-2124",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2124"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0517",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-07-07T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux de SUSE\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9, un\nd\u00e9ni de service, une \u00e9l\u00e9vation de privil\u00e8ges, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9\ndes donn\u00e9es, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une\nex\u00e9cution de code arbitraire.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:2755-1 du 30 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232755-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:2782-1 du 04 juillet 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232782-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:2743-1 du 30 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232743-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:2741-1 du 30 juin 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232741-1/"
}
]
}
CERTFR-2023-AVI-0544
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une élévation de privilèges et une exécution de code arbitraire.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP5 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.5 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP5 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP3 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 12 SP5 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP4 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12 SP2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 12 SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12 SP5 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP5 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.1 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro for Rancher 5.4 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 12 SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2 | ||
| SUSE | SUSE Real Time Module | SUSE Real Time Module 15-SP5 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 12 SP2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP5 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.3 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP5 | ||
| SUSE | openSUSE Leap | openSUSE Leap Micro 5.3 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro for Rancher 5.3 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro for Rancher 5.2 | ||
| SUSE | SUSE Real Time Module | SUSE Real Time Module 15-SP4 | ||
| SUSE | SUSE Real Time Module | SUSE Real Time Module 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.4 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP4 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP5",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 12 SP5",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Real Time Module 15-SP5",
"product": {
"name": "SUSE Real Time Module",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 12 SP2",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap Micro 5.3",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Real Time Module 15-SP4",
"product": {
"name": "SUSE Real Time Module",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Real Time Module 15-SP3",
"product": {
"name": "SUSE Real Time Module",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-20784",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20784"
},
{
"name": "CVE-2023-1382",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1382"
},
{
"name": "CVE-2023-3006",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3006"
},
{
"name": "CVE-2023-28466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28466"
},
{
"name": "CVE-2023-1838",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1838"
},
{
"name": "CVE-2023-30772",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30772"
},
{
"name": "CVE-2023-28328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28328"
},
{
"name": "CVE-2023-0461",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0461"
},
{
"name": "CVE-2023-1076",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1076"
},
{
"name": "CVE-2023-2235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2235"
},
{
"name": "CVE-2023-23454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23454"
},
{
"name": "CVE-2023-2002",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2002"
},
{
"name": "CVE-2023-23455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23455"
},
{
"name": "CVE-2022-4269",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4269"
},
{
"name": "CVE-2023-3159",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3159"
},
{
"name": "CVE-2022-45884",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45884"
},
{
"name": "CVE-2023-33951",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33951"
},
{
"name": "CVE-2023-35788",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35788"
},
{
"name": "CVE-2023-1989",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1989"
},
{
"name": "CVE-2023-23000",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23000"
},
{
"name": "CVE-2023-28866",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28866"
},
{
"name": "CVE-2023-1855",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1855"
},
{
"name": "CVE-2023-2513",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2513"
},
{
"name": "CVE-2023-35828",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35828"
},
{
"name": "CVE-2023-31084",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31084"
},
{
"name": "CVE-2023-3090",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3090"
},
{
"name": "CVE-2023-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3358"
},
{
"name": "CVE-2022-45919",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45919"
},
{
"name": "CVE-2023-21106",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21106"
},
{
"name": "CVE-2023-31436",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31436"
},
{
"name": "CVE-2023-28327",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28327"
},
{
"name": "CVE-2023-1582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1582"
},
{
"name": "CVE-2022-36280",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36280"
},
{
"name": "CVE-2023-2194",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2194"
},
{
"name": "CVE-2022-2196",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2196"
},
{
"name": "CVE-2023-32269",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32269"
},
{
"name": "CVE-2023-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1390"
},
{
"name": "CVE-2022-45886",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45886"
},
{
"name": "CVE-2020-24588",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24588"
},
{
"name": "CVE-2023-3220",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3220"
},
{
"name": "CVE-2023-22998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22998"
},
{
"name": "CVE-2023-3111",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3111"
},
{
"name": "CVE-2023-0179",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0179"
},
{
"name": "CVE-2023-1670",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1670"
},
{
"name": "CVE-2023-0469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0469"
},
{
"name": "CVE-2023-1078",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1078"
},
{
"name": "CVE-2023-2176",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2176"
},
{
"name": "CVE-2023-2162",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2162"
},
{
"name": "CVE-2023-1079",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1079"
},
{
"name": "CVE-2023-33952",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33952"
},
{
"name": "CVE-2022-4744",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4744"
},
{
"name": "CVE-2023-33288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33288"
},
{
"name": "CVE-2023-1990",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1990"
},
{
"name": "CVE-2023-3161",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3161"
},
{
"name": "CVE-2023-28464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28464"
},
{
"name": "CVE-2023-35824",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35824"
},
{
"name": "CVE-2023-1998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1998"
},
{
"name": "CVE-2023-28772",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28772"
},
{
"name": "CVE-2023-1075",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1075"
},
{
"name": "CVE-2023-35823",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35823"
},
{
"name": "CVE-2022-3523",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3523"
},
{
"name": "CVE-2023-28410",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28410"
},
{
"name": "CVE-2023-26545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26545"
},
{
"name": "CVE-2017-5753",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5753"
},
{
"name": "CVE-2023-23001",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23001"
},
{
"name": "CVE-2023-1380",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1380"
},
{
"name": "CVE-2022-45887",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45887"
},
{
"name": "CVE-2023-25012",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25012"
},
{
"name": "CVE-2023-21102",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21102"
},
{
"name": "CVE-2023-1095",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1095"
},
{
"name": "CVE-2023-1118",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1118"
},
{
"name": "CVE-2023-0394",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0394"
},
{
"name": "CVE-2023-3357",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3357"
},
{
"name": "CVE-2023-2269",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2269"
},
{
"name": "CVE-2023-0386",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0386"
},
{
"name": "CVE-2023-1249",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1249"
},
{
"name": "CVE-2022-38096",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38096"
},
{
"name": "CVE-2023-23006",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23006"
},
{
"name": "CVE-2023-1829",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1829"
},
{
"name": "CVE-2023-3141",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3141"
},
{
"name": "CVE-2023-30456",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30456"
},
{
"name": "CVE-2023-0045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0045"
},
{
"name": "CVE-2022-45885",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45885"
},
{
"name": "CVE-2023-1077",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1077"
},
{
"name": "CVE-2023-3212",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3212"
},
{
"name": "CVE-2023-1513",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1513"
},
{
"name": "CVE-2023-23004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23004"
},
{
"name": "CVE-2023-35829",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35829"
},
{
"name": "CVE-2023-2483",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2483"
},
{
"name": "CVE-2023-1652",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1652"
},
{
"name": "CVE-2023-0597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0597"
},
{
"name": "CVE-2023-32233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32233"
},
{
"name": "CVE-2023-2156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2156"
},
{
"name": "CVE-2023-1637",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1637"
},
{
"name": "CVE-2023-0590",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0590"
},
{
"name": "CVE-2022-3566",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3566"
},
{
"name": "CVE-2023-1611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1611"
},
{
"name": "CVE-2023-3268",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3268"
},
{
"name": "CVE-2023-2124",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2124"
},
{
"name": "CVE-2023-1583",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1583"
},
{
"name": "CVE-2023-3389",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3389"
},
{
"name": "CVE-2023-0122",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0122"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0544",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-07-13T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux de SUSE\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9\ndes donn\u00e9es, une \u00e9l\u00e9vation de privil\u00e8ges et une ex\u00e9cution de code\narbitraire.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:2805-1 du 11 juillet 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232805-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:2809-1 du 11 juillet 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232809-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:2804-1 du 10 juillet 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232804-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:2803-1 du 10 juillet 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232803-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:2810-1 du 12 juillet 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232810-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:2808-1 du 11 juillet 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232808-1/"
}
]
}
CERTFR-2023-AVI-0578
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | N/A | SUSE Linux Enterprise Software Development Kit 12 SP5 | ||
| SUSE | Public Cloud Module | Public Cloud Module 15-SP5 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.1 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP3 Business Critical Linux 15-SP3 | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.3 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability Extension 15 SP3 | ||
| SUSE | N/A | Legacy Module 15-SP5 | ||
| SUSE | N/A | Development Tools Module 15-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 15 SP4 | ||
| SUSE | N/A | Development Tools Module 15-SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 15 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability Extension 15 SP2 | ||
| SUSE | N/A | SUSE Enterprise Storage 7 | ||
| SUSE | N/A | SUSE Enterprise Storage 7.1 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability Extension 15 SP5 | ||
| SUSE | N/A | SUSE CaaS Platform 4.0 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability Extension 12 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 12 12-SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability Extension 15 SP1 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability Extension 15 SP4 | ||
| SUSE | N/A | Legacy Module 15-SP4 | ||
| SUSE | Basesystem Module | Basesystem Module 15-SP5 | ||
| SUSE | Basesystem Module | Basesystem Module 15-SP4 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.4 | ||
| SUSE | openSUSE Leap | openSUSE Leap Micro 5.3 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.5 | ||
| SUSE | Public Cloud Module | Public Cloud Module 15-SP4 | ||
| SUSE | SUSE Linux Enterprise Desktop | SUSE Linux Enterprise Desktop 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Desktop | SUSE Linux Enterprise Desktop 15 SP5 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP3 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP4 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP2 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 12 SP5 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP1 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP5 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP1 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP5 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP2 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP5 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP4 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro for Rancher 5.3 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.2 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.4 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro for Rancher 5.2 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.3 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro for Rancher 5.4 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP3 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP1 Business Critical Linux 15-SP1 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 12 SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP1 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP1 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP2 Business Critical Linux 15-SP2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12 SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP2 | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.1 | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.0 | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.2 | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.3 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.0 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.1 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.2 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.3 | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.1 | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.0 | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.2 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Public Cloud Module 15-SP5",
"product": {
"name": "Public Cloud Module",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP3 Business Critical Linux 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.3",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Legacy Module 15-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Development Tools Module 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Development Tools Module 15-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Enterprise Storage 7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Enterprise Storage 7.1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE CaaS Platform 4.0",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 12 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 12 12-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Legacy Module 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Basesystem Module 15-SP5",
"product": {
"name": "Basesystem Module",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Basesystem Module 15-SP4",
"product": {
"name": "Basesystem Module",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap Micro 5.3",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Public Cloud Module 15-SP4",
"product": {
"name": "Public Cloud Module",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Desktop 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Desktop",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Desktop 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Desktop",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP3",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing LTSS 15 SP3",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP2",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 12 SP5",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP1",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP5",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP1",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP2",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP1 Business Critical Linux 15-SP1",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP2 Business Critical Linux 15-SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.1",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.0",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.2",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.3",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.0",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.1",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.2",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.3",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.1",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.0",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.2",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-1382",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1382"
},
{
"name": "CVE-2023-3006",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3006"
},
{
"name": "CVE-2023-1838",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1838"
},
{
"name": "CVE-2023-30772",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30772"
},
{
"name": "CVE-2023-0461",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0461"
},
{
"name": "CVE-2023-1076",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1076"
},
{
"name": "CVE-2023-2235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2235"
},
{
"name": "CVE-2023-2002",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2002"
},
{
"name": "CVE-2022-4269",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4269"
},
{
"name": "CVE-2023-3159",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3159"
},
{
"name": "CVE-2022-45884",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45884"
},
{
"name": "CVE-2023-33951",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33951"
},
{
"name": "CVE-2023-35788",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35788"
},
{
"name": "CVE-2023-1989",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1989"
},
{
"name": "CVE-2023-23000",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23000"
},
{
"name": "CVE-2023-28866",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28866"
},
{
"name": "CVE-2023-1855",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1855"
},
{
"name": "CVE-2023-2513",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2513"
},
{
"name": "CVE-2023-35828",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35828"
},
{
"name": "CVE-2023-31084",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31084"
},
{
"name": "CVE-2023-3090",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3090"
},
{
"name": "CVE-2023-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3358"
},
{
"name": "CVE-2022-45919",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45919"
},
{
"name": "CVE-2023-21106",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21106"
},
{
"name": "CVE-2023-31436",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31436"
},
{
"name": "CVE-2023-28327",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28327"
},
{
"name": "CVE-2023-1582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1582"
},
{
"name": "CVE-2022-36280",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36280"
},
{
"name": "CVE-2022-45886",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45886"
},
{
"name": "CVE-2023-3220",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3220"
},
{
"name": "CVE-2023-22998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22998"
},
{
"name": "CVE-2023-3111",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3111"
},
{
"name": "CVE-2023-0179",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0179"
},
{
"name": "CVE-2023-1670",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1670"
},
{
"name": "CVE-2023-2430",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2430"
},
{
"name": "CVE-2023-0469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0469"
},
{
"name": "CVE-2023-2176",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2176"
},
{
"name": "CVE-2023-2162",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2162"
},
{
"name": "CVE-2023-1079",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1079"
},
{
"name": "CVE-2023-33952",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33952"
},
{
"name": "CVE-2022-4744",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4744"
},
{
"name": "CVE-2023-33288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33288"
},
{
"name": "CVE-2023-3161",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3161"
},
{
"name": "CVE-2023-28464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28464"
},
{
"name": "CVE-2023-35824",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35824"
},
{
"name": "CVE-2023-1998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1998"
},
{
"name": "CVE-2023-1075",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1075"
},
{
"name": "CVE-2023-35823",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35823"
},
{
"name": "CVE-2023-28410",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28410"
},
{
"name": "CVE-2023-26545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26545"
},
{
"name": "CVE-2023-23001",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23001"
},
{
"name": "CVE-2022-45887",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45887"
},
{
"name": "CVE-2023-25012",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25012"
},
{
"name": "CVE-2023-21102",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21102"
},
{
"name": "CVE-2023-1095",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1095"
},
{
"name": "CVE-2023-1118",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1118"
},
{
"name": "CVE-2023-0394",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0394"
},
{
"name": "CVE-2023-3357",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3357"
},
{
"name": "CVE-2023-2269",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2269"
},
{
"name": "CVE-2023-1249",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1249"
},
{
"name": "CVE-2022-38096",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38096"
},
{
"name": "CVE-2023-23006",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23006"
},
{
"name": "CVE-2023-1829",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1829"
},
{
"name": "CVE-2023-3141",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3141"
},
{
"name": "CVE-2023-30456",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30456"
},
{
"name": "CVE-2023-0045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0045"
},
{
"name": "CVE-2022-45885",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45885"
},
{
"name": "CVE-2023-1077",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1077"
},
{
"name": "CVE-2023-3212",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3212"
},
{
"name": "CVE-2023-1513",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1513"
},
{
"name": "CVE-2023-23004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23004"
},
{
"name": "CVE-2023-35829",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35829"
},
{
"name": "CVE-2023-2483",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2483"
},
{
"name": "CVE-2023-1652",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1652"
},
{
"name": "CVE-2023-0597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0597"
},
{
"name": "CVE-2023-32233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32233"
},
{
"name": "CVE-2023-2156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2156"
},
{
"name": "CVE-2023-1637",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1637"
},
{
"name": "CVE-2023-0590",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0590"
},
{
"name": "CVE-2023-1611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1611"
},
{
"name": "CVE-2023-3268",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3268"
},
{
"name": "CVE-2023-2124",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2124"
},
{
"name": "CVE-2023-1583",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1583"
},
{
"name": "CVE-2023-3389",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3389"
},
{
"name": "CVE-2023-0122",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0122"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0578",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-07-21T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232871-1 du 18 juillet 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232871-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232859-1 du 17 juillet 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232859-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232820-1 du 13 juillet 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232820-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232822-1 du 14 juillet 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232822-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232830-1 du 14 juillet 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232830-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232834-1 du 14 juillet 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232834-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232831-1 du 14 juillet 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232831-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20232892-1 du 19 juillet 2023",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232892-1/"
}
]
}
FKIE_CVE-2023-2483
Vulnerability from fkie_nvd - Published: 2023-05-23 13:15 - Updated: 2023-11-07 04:12
Severity
Summary
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-33203. Reason: This candidate is a reservation duplicate of CVE-2023-33203. Notes: All CVE users should reference CVE-2023-33203 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
References
| URL | Tags |
|---|
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-33203. Reason: This candidate is a reservation duplicate of CVE-2023-33203. Notes: All CVE users should reference CVE-2023-33203 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
],
"id": "CVE-2023-2483",
"lastModified": "2023-11-07T04:12:45.080",
"metrics": {},
"published": "2023-05-23T13:15:09.783",
"references": [],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Rejected"
}
GSD-2023-2483
Vulnerability from gsd - Updated: 2023-12-13 01:20Details
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-33203. Reason: This candidate is a reservation duplicate of CVE-2023-33203. Notes: All CVE users should reference CVE-2023-33203 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2023-2483",
"id": "GSD-2023-2483"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2023-2483"
],
"details": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-33203. Reason: This candidate is a reservation duplicate of CVE-2023-33203. Notes: All CVE users should reference CVE-2023-33203 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.",
"id": "GSD-2023-2483",
"modified": "2023-12-13T01:20:32.023276Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2023-2483",
"STATE": "REJECT"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-33203. Reason: This candidate is a reservation duplicate of CVE-2023-33203. Notes: All CVE users should reference CVE-2023-33203 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}
}
}
}
SUSE-SU-2023:2162-1
Vulnerability from csaf_suse - Published: 2023-05-10 16:07 - Updated: 2023-05-10 16:07Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch: The SUSE Linux Enterprise 12 SP5 AZURE kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2023-2483: Fixed a use after free bug in emac_remove due caused by a race condition (bsc#1211037).
- CVE-2023-2124: Fixed an out of bound access in the XFS subsystem that could have lead to denial-of-service or potentially privilege escalation (bsc#1210498).
- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).
- CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).
- CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).
- CVE-2023-30772: Fixed a race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).
- CVE-2023-1855: Fixed a use after free in xgene_hwmon_remove (bsc#1210202).
- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).
- CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).
- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).
- CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot (bsc#1209687).
- CVE-2020-36691: Fixed a denial of service vulnerability via a nested Netlink policy with a back reference (bsc#1209777).
The following non-security bugs were fixed:
- USB: dwc3: fix runtime pm imbalance on probe errors (git-fixes).
- USB: dwc3: fix runtime pm imbalance on unbind (git-fixes).
- ath10k: Fix error handling in case of CE pipe init failure (git-fixes).
- ath10k: Fix missing frame timestamp for beacon/probe-resp (git-fixes).
- ath10k: Fix the parsing error in service available event (git-fixes).
- ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).
- ath10k: fix control-message timeout (git-fixes).
- ath10k: fix division by zero in send path (git-fixes).
- ath10k: fix memory overwrite of the WoWLAN wakeup packet pattern (git-fixes).
- audit: improve audit queue handling when 'audit=1' on cmdline (bsc#1209969).
- bpf, x86: Fix encoding for lower 8-bit registers in BPF_STX BPF_B (git-fixes).
- cachefiles: Drop superfluous readpages aops NULL check (bsc#1210430).
- cachefiles: Fix page leak in cachefiles_read_backing_file while vmscan is active (bsc#1210430).
- cachefiles: Fix race between read_waiter and read_copier involving op->to_do (bsc#1210430).
- cachefiles: Handle readpage error correctly (bsc#1210430).
- cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach() (bsc#1210827).
- cifs: fix negotiate context parsing (bsc#1210301).
- cifs: fix open leaks in open_cached_dir() (bsc#1209342).
- cred: allow get_cred() and put_cred() to be given NULL (bsc#1209887).
- crypto: x86/ghash - fix unaligned access in ghash_setkey() (git-fixes).
- drivers: net: lmc: fix case value for target abort error (git-fixes).
- fscache, cachefiles: remove redundant variable 'cache' (bsc#1210430).
- ftrace: Mark get_lock_parent_ip() __always_inline (git-fixes).
- intel_pmc_ipc: restore ability to call functions with irq enabled (git-fixes).
- ipmi: fix SSIF not responding under certain cond (git-fixes).
- iwlwifi: Fix -EIO error code that is never returned (git-fixes).
- iwlwifi: fw: make pos static in iwl_sar_get_ewrd_table() loop (git-fixes).
- iwlwifi: pcie: fix locking when 'HW not ready' (git-fixes).
- iwlwifi: pcie: gen2: fix locking when 'HW not ready' (git-fixes).
- iwlwifi: pcie: reschedule in long-running memory reads (git-fixes).
- kabi/severities: ignore KABI for NVMe, except nvme-fc (bsc#1174777).
- kcm: Only allow TCP sockets to be attached to a KCM mux (git-fixes).
- keys: Change keyring_serialise_link_sem to a mutex (bsc#1207088).
- keys: Fix linking a duplicate key to a keyring's assoc_array (bsc#1207088).
- keys: Hoist locking out of __key_link_begin() (bsc#1207088).
- kretprobe: Prevent triggering kretprobe from within kprobe_flush_task (git-fixes).
- l2tp: clean up stale tunnel or session in pppol2tp_connect's error path (git-fixes).
- l2tp: fix pseudo-wire type for sessions created by pppol2tp_connect() (git-fixes).
- l2tp: reject creation of non-PPP sessions on L2TPv2 tunnels (git-fixes).
- net/ncsi: Do not return error on normal response (git-fixes).
- net: axienet: Fix double deregister of mdio (git-fixes).
- net: core: dst: Add kernel-doc for 'net' parameter (git-fixes).
- net: core: dst_cache_set_ip6: Rename 'addr' parameter to 'saddr' for consistency (git-fixes).
- net: phy: realtek: Use the dummy stubs for MMD register access for rtl8211b (git-fixes).
- net: prevent ISA drivers from building on PPC32 (git-fixes).
- net: usb: qmi_wwan: add Telit 0x1080 composition (git-fixes).
- netfilter: nft_set_rbtree: fix parameter of __nft_rbtree_lookup() (git-fixes).
- netfilter: x_tables: Add note about how to free percpu counters (git-fixes).
- ntp: Limit TAI-UTC offset (git-fixes)
- nvme-pci: do not WARN_ON in nvme_reset_work if ctrl.state is not RESETTING (git-fixes).
- nvme-pci: fix doorbell buffer value endianness (git-fixes).
- nvme: retain split access workaround for capability reads (git-fixes).
- platform/x86: intel_pmc_ipc: Use devm_* calls in driver probe function (git-fixes).
- platform/x86: intel_pmc_ipc: Use spin_lock to protect GCR updates (git-fixes).
- powercap: fix possible name leak in powercap_register_zone() (git-fixes).
- powerpc/numa: Consider the max NUMA node for migratable LPAR (bsc#1209999 ltc#202140 bsc#1190544 ltc#194520 bsc#1142685 ltc#179509 git-fixes).
- powerpc/numa: Detect support for coregroup (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- powerpc/numa: Limit possible nodes to within num_possible_nodes (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- powerpc/numa: Restrict possible nodes based on platform (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- powerpc/papr_scm: Update the NUMA distance table for the target node (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- powerpc/pseries: Consolidate different NUMA distance update code paths (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- powerpc/pseries: Rename TYPE1_AFFINITY to FORM1_AFFINITY (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- powerpc/pseries: rename min_common_depth to primary_domain_index (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- printk: Give error on attempt to set log buffer length to over 2G (bsc#1210534).
- ring-buffer: Fix race while reader and writer are on the same page (git-fixes).
- rpm/kernel-obs-build.spec.in: Remove SLE11 cruft
- s390/percpu: add READ_ONCE() to arch_this_cpu_to_op_simple() (git-fixes).
- scsi: qla2xxx: Fix memory leak in qla2x00_probe_one() (git-fixes).
- scsi: qla2xxx: Perform lockless command completion in abort path (git-fixes).
- sctp: do not free asoc when it is already dead in sctp_sendmsg (git-fixes).
- sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf (git-fixes).
- sctp: use the right sk after waking up from wait_buf sleep (git-fixes).
- struct ci_hdrc: hide new member at end (git-fixes).
- struct wmi_svc_avail_ev_arg: new member to end (git-fixes).
- timekeeping: Prevent 32bit truncation in (git-fixes)
- tuntap: fix dividing by zero in ebpf queue selection (git-fixes).
- uprobes/x86: Fix detection of 32-bit user mode (git-fixes).
- usb/ohci-platform: Fix a warning when hibernating (git-fixes).
- usb: chipidea: core: fix possible concurrent when switch role (git-fixes).
- usb: chipidea: fix missing goto in `ci_hdrc_probe` (git-fixes).
- usb: dwc3: core: fix kernel panic when do reboot (git-fixes).
- usb: dwc3: gadget: Do not set IMI for no_interrupt (git-fixes).
- usb: host: ohci-pxa27x: Fix and & vs | typo (git-fixes).
- usb: storage: Add check for kcalloc (git-fixes).
- usb: typec: Check for ops->exit instead of ops->enter in altmode_exit (git-fixes).
- watchdog: pcwd_usb: Fix attempting to access uninitialized memory (git-fixes).
- wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list() (git-fixes).
- workqueue: Fix missing kfree(rescuer) in destroy_workqueue() (bsc#1210460).
- workqueue: Fix spurious sanity check failures in destroy_workqueue() (bsc#1210460).
- wq: handle VM suspension in stall detection (bsc#1210466).
- x86, boot: Remove multiple copy of static function sanitize_boot_params() (git-fixes).
- x86/apic: Fix arch_dynirq_lower_bound() bug for DT enabled machines (git-fixes).
- x86/apic: Handle missing global clockevent gracefully (git-fixes bsc#1142926).
- x86/apic: Soft disable APIC before initializing it (git-fixes).
- x86/boot/compressed: Disable relocation relaxation (git-fixes).
- x86/boot: Avoid using Intel mnemonics in AT&T syntax asm (git-fixes).
- x86/bugs: Add Cannon lake to RETBleed affected CPU list (git-fixes).
- x86/bugs: Enable STIBP for IBPB mitigated RETBleed (git-fixes).
- x86/decoder: Add TEST opcode to Group3-2 (git-fixes).
- x86/fpu: Prevent FPU state corruption (git-fixes).
- x86/ioapic: Prevent inconsistent state when moving an interrupt (git-fixes).
- x86/irq: Ensure PI wakeup handler is unregistered before module unload (git-fixes).
- x86/kprobes: Fix to check non boostable prefixes correctly (git-fixes).
- x86/kprobes: Restore BTF if the single-stepping is cancelled (git-fixes).
- x86/lib/cpu: Address missing prototypes warning (git-fixes).
- x86/mce/inject: Avoid out-of-bounds write when setting flags (git-fixes).
- x86/mce: Lower throttling MCE messages' priority to warning (git-fixes).
- x86/mm: Stop printing BRK addresses (git-fixes).
- x86/mm: Use the correct function type for native_set_fixmap() (git-fixes).
- x86/pkeys: Add check for pkey 'overflow' (git-fixes).
- x86/reboot: Always use NMI fallback when shutdown via reboot vector IPI fails (git-fixes).
- x86/speculation/mds: Mark mds_user_clear_cpu_buffers() __always_inline (git-fixes).
- x86/sysfb: Fix check for bad VRAM size (git-fixes).
- x86/tools/relocs: Fix non-POSIX regexp (git-fixes).
- x86/tools: Fix objdump version check again (git-fixes).
- x86/virt: Eat faults on VMXOFF in reboot flows (git-fixes).
- x86/virt: Mark flags and memory as clobbered by VMXOFF (git-fixes).
- x86: Do not let pgprot_modify() change the page encryption bit (git-fixes).
- x86_64: Fix jiffies ODR violation (git-fixes).
- xfrm: policy: use hlist rcu variants on insert (git-fixes).
- xhci: also avoid the XHCI_ZERO_64B_REGS quirk with a passthrough iommu (git-fixes).
- xhci: hide include of iommu.h (git-fixes).
Patchnames: SUSE-2023-2162,SUSE-SLE-SERVER-12-SP5-2023-2162
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.9 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.8 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.7 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.4 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.6 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.7 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.4 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.4 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
87 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/s… | self |
| https://www.suse.com/support/update/announcement/… | self |
| https://lists.suse.com/pipermail/sle-updates/2023… | self |
| https://bugzilla.suse.com/1142685 | self |
| https://bugzilla.suse.com/1142926 | self |
| https://bugzilla.suse.com/1174777 | self |
| https://bugzilla.suse.com/1190544 | self |
| https://bugzilla.suse.com/1202353 | self |
| https://bugzilla.suse.com/1205128 | self |
| https://bugzilla.suse.com/1207088 | self |
| https://bugzilla.suse.com/1209342 | self |
| https://bugzilla.suse.com/1209687 | self |
| https://bugzilla.suse.com/1209777 | self |
| https://bugzilla.suse.com/1209871 | self |
| https://bugzilla.suse.com/1209887 | self |
| https://bugzilla.suse.com/1209969 | self |
| https://bugzilla.suse.com/1209999 | self |
| https://bugzilla.suse.com/1210202 | self |
| https://bugzilla.suse.com/1210301 | self |
| https://bugzilla.suse.com/1210329 | self |
| https://bugzilla.suse.com/1210336 | self |
| https://bugzilla.suse.com/1210337 | self |
| https://bugzilla.suse.com/1210430 | self |
| https://bugzilla.suse.com/1210460 | self |
| https://bugzilla.suse.com/1210466 | self |
| https://bugzilla.suse.com/1210469 | self |
| https://bugzilla.suse.com/1210498 | self |
| https://bugzilla.suse.com/1210506 | self |
| https://bugzilla.suse.com/1210534 | self |
| https://bugzilla.suse.com/1210647 | self |
| https://bugzilla.suse.com/1210827 | self |
| https://bugzilla.suse.com/1211037 | self |
| https://www.suse.com/security/cve/CVE-2020-36691/ | self |
| https://www.suse.com/security/cve/CVE-2022-43945/ | self |
| https://www.suse.com/security/cve/CVE-2023-1611/ | self |
| https://www.suse.com/security/cve/CVE-2023-1670/ | self |
| https://www.suse.com/security/cve/CVE-2023-1855/ | self |
| https://www.suse.com/security/cve/CVE-2023-1989/ | self |
| https://www.suse.com/security/cve/CVE-2023-1990/ | self |
| https://www.suse.com/security/cve/CVE-2023-1998/ | self |
| https://www.suse.com/security/cve/CVE-2023-2124/ | self |
| https://www.suse.com/security/cve/CVE-2023-2162/ | self |
| https://www.suse.com/security/cve/CVE-2023-2483/ | self |
| https://www.suse.com/security/cve/CVE-2023-30772/ | self |
| https://www.suse.com/security/cve/CVE-2020-36691 | external |
| https://bugzilla.suse.com/1209613 | external |
| https://bugzilla.suse.com/1209777 | external |
| https://www.suse.com/security/cve/CVE-2022-43945 | external |
| https://bugzilla.suse.com/1205128 | external |
| https://bugzilla.suse.com/1205130 | external |
| https://bugzilla.suse.com/1208030 | external |
| https://bugzilla.suse.com/1208085 | external |
| https://bugzilla.suse.com/1209225 | external |
| https://bugzilla.suse.com/1210124 | external |
| https://www.suse.com/security/cve/CVE-2023-1611 | external |
| https://bugzilla.suse.com/1209687 | external |
| https://www.suse.com/security/cve/CVE-2023-1670 | external |
| https://bugzilla.suse.com/1209871 | external |
| https://bugzilla.suse.com/1222212 | external |
| https://www.suse.com/security/cve/CVE-2023-1855 | external |
| https://bugzilla.suse.com/1210202 | external |
| https://www.suse.com/security/cve/CVE-2023-1989 | external |
| https://bugzilla.suse.com/1210336 | external |
| https://bugzilla.suse.com/1210500 | external |
| https://bugzilla.suse.com/1213841 | external |
| https://bugzilla.suse.com/1213842 | external |
| https://bugzilla.suse.com/1214128 | external |
| https://www.suse.com/security/cve/CVE-2023-1990 | external |
| https://bugzilla.suse.com/1210337 | external |
| https://bugzilla.suse.com/1210501 | external |
| https://bugzilla.suse.com/1214128 | external |
| https://www.suse.com/security/cve/CVE-2023-1998 | external |
| https://bugzilla.suse.com/1210506 | external |
| https://www.suse.com/security/cve/CVE-2023-2124 | external |
| https://bugzilla.suse.com/1210498 | external |
| https://www.suse.com/security/cve/CVE-2023-2162 | external |
| https://bugzilla.suse.com/1210647 | external |
| https://bugzilla.suse.com/1210662 | external |
| https://bugzilla.suse.com/1213841 | external |
| https://bugzilla.suse.com/1213842 | external |
| https://bugzilla.suse.com/1214128 | external |
| https://bugzilla.suse.com/1222212 | external |
| https://www.suse.com/security/cve/CVE-2023-2483 | external |
| https://bugzilla.suse.com/1211037 | external |
| https://www.suse.com/security/cve/CVE-2023-30772 | external |
| https://bugzilla.suse.com/1210329 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 12 SP5 AZURE kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2023-2483: Fixed a use after free bug in emac_remove due caused by a race condition (bsc#1211037).\n- CVE-2023-2124: Fixed an out of bound access in the XFS subsystem that could have lead to denial-of-service or potentially privilege escalation (bsc#1210498).\n- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).\n- CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).\n- CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).\n- CVE-2023-30772: Fixed a race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).\n- CVE-2023-1855: Fixed a use after free in xgene_hwmon_remove (bsc#1210202).\n- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).\n- CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).\n- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).\n- CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot (bsc#1209687).\n- CVE-2020-36691: Fixed a denial of service vulnerability via a nested Netlink policy with a back reference (bsc#1209777).\n\nThe following non-security bugs were fixed:\n\n- USB: dwc3: fix runtime pm imbalance on probe errors (git-fixes).\n- USB: dwc3: fix runtime pm imbalance on unbind (git-fixes).\n- ath10k: Fix error handling in case of CE pipe init failure (git-fixes).\n- ath10k: Fix missing frame timestamp for beacon/probe-resp (git-fixes).\n- ath10k: Fix the parsing error in service available event (git-fixes).\n- ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).\n- ath10k: fix control-message timeout (git-fixes).\n- ath10k: fix division by zero in send path (git-fixes).\n- ath10k: fix memory overwrite of the WoWLAN wakeup packet pattern (git-fixes).\n- audit: improve audit queue handling when \u0027audit=1\u0027 on cmdline (bsc#1209969).\n- bpf, x86: Fix encoding for lower 8-bit registers in BPF_STX BPF_B (git-fixes).\n- cachefiles: Drop superfluous readpages aops NULL check (bsc#1210430).\n- cachefiles: Fix page leak in cachefiles_read_backing_file while vmscan is active (bsc#1210430).\n- cachefiles: Fix race between read_waiter and read_copier involving op-\u003eto_do (bsc#1210430).\n- cachefiles: Handle readpage error correctly (bsc#1210430).\n- cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach() (bsc#1210827).\n- cifs: fix negotiate context parsing (bsc#1210301).\n- cifs: fix open leaks in open_cached_dir() (bsc#1209342).\n- cred: allow get_cred() and put_cred() to be given NULL (bsc#1209887).\n- crypto: x86/ghash - fix unaligned access in ghash_setkey() (git-fixes).\n- drivers: net: lmc: fix case value for target abort error (git-fixes).\n- fscache, cachefiles: remove redundant variable \u0027cache\u0027 (bsc#1210430).\n- ftrace: Mark get_lock_parent_ip() __always_inline (git-fixes).\n- intel_pmc_ipc: restore ability to call functions with irq enabled (git-fixes).\n- ipmi: fix SSIF not responding under certain cond (git-fixes).\n- iwlwifi: Fix -EIO error code that is never returned (git-fixes).\n- iwlwifi: fw: make pos static in iwl_sar_get_ewrd_table() loop (git-fixes).\n- iwlwifi: pcie: fix locking when \u0027HW not ready\u0027 (git-fixes).\n- iwlwifi: pcie: gen2: fix locking when \u0027HW not ready\u0027 (git-fixes).\n- iwlwifi: pcie: reschedule in long-running memory reads (git-fixes).\n- kabi/severities: ignore KABI for NVMe, except nvme-fc (bsc#1174777).\n- kcm: Only allow TCP sockets to be attached to a KCM mux (git-fixes).\n- keys: Change keyring_serialise_link_sem to a mutex (bsc#1207088).\n- keys: Fix linking a duplicate key to a keyring\u0027s assoc_array (bsc#1207088).\n- keys: Hoist locking out of __key_link_begin() (bsc#1207088).\n- kretprobe: Prevent triggering kretprobe from within kprobe_flush_task (git-fixes).\n- l2tp: clean up stale tunnel or session in pppol2tp_connect\u0027s error path (git-fixes).\n- l2tp: fix pseudo-wire type for sessions created by pppol2tp_connect() (git-fixes).\n- l2tp: reject creation of non-PPP sessions on L2TPv2 tunnels (git-fixes).\n- net/ncsi: Do not return error on normal response (git-fixes).\n- net: axienet: Fix double deregister of mdio (git-fixes).\n- net: core: dst: Add kernel-doc for \u0027net\u0027 parameter (git-fixes).\n- net: core: dst_cache_set_ip6: Rename \u0027addr\u0027 parameter to \u0027saddr\u0027 for consistency (git-fixes).\n- net: phy: realtek: Use the dummy stubs for MMD register access for rtl8211b (git-fixes).\n- net: prevent ISA drivers from building on PPC32 (git-fixes).\n- net: usb: qmi_wwan: add Telit 0x1080 composition (git-fixes).\n- netfilter: nft_set_rbtree: fix parameter of __nft_rbtree_lookup() (git-fixes).\n- netfilter: x_tables: Add note about how to free percpu counters (git-fixes).\n- ntp: Limit TAI-UTC offset (git-fixes)\n- nvme-pci: do not WARN_ON in nvme_reset_work if ctrl.state is not RESETTING (git-fixes).\n- nvme-pci: fix doorbell buffer value endianness (git-fixes).\n- nvme: retain split access workaround for capability reads (git-fixes).\n- platform/x86: intel_pmc_ipc: Use devm_* calls in driver probe function (git-fixes).\n- platform/x86: intel_pmc_ipc: Use spin_lock to protect GCR updates (git-fixes).\n- powercap: fix possible name leak in powercap_register_zone() (git-fixes).\n- powerpc/numa: Consider the max NUMA node for migratable LPAR (bsc#1209999 ltc#202140 bsc#1190544 ltc#194520 bsc#1142685 ltc#179509 git-fixes).\n- powerpc/numa: Detect support for coregroup (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- powerpc/numa: Limit possible nodes to within num_possible_nodes (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- powerpc/numa: Restrict possible nodes based on platform (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- powerpc/papr_scm: Update the NUMA distance table for the target node (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- powerpc/pseries: Consolidate different NUMA distance update code paths (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- powerpc/pseries: Rename TYPE1_AFFINITY to FORM1_AFFINITY (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- powerpc/pseries: rename min_common_depth to primary_domain_index (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- printk: Give error on attempt to set log buffer length to over 2G (bsc#1210534).\n- ring-buffer: Fix race while reader and writer are on the same page (git-fixes).\n- rpm/kernel-obs-build.spec.in: Remove SLE11 cruft\n- s390/percpu: add READ_ONCE() to arch_this_cpu_to_op_simple() (git-fixes).\n- scsi: qla2xxx: Fix memory leak in qla2x00_probe_one() (git-fixes).\n- scsi: qla2xxx: Perform lockless command completion in abort path (git-fixes).\n- sctp: do not free asoc when it is already dead in sctp_sendmsg (git-fixes).\n- sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf (git-fixes).\n- sctp: use the right sk after waking up from wait_buf sleep (git-fixes).\n- struct ci_hdrc: hide new member at end (git-fixes).\n- struct wmi_svc_avail_ev_arg: new member to end (git-fixes).\n- timekeeping: Prevent 32bit truncation in (git-fixes)\n- tuntap: fix dividing by zero in ebpf queue selection (git-fixes).\n- uprobes/x86: Fix detection of 32-bit user mode (git-fixes).\n- usb/ohci-platform: Fix a warning when hibernating (git-fixes).\n- usb: chipidea: core: fix possible concurrent when switch role (git-fixes).\n- usb: chipidea: fix missing goto in `ci_hdrc_probe` (git-fixes).\n- usb: dwc3: core: fix kernel panic when do reboot (git-fixes).\n- usb: dwc3: gadget: Do not set IMI for no_interrupt (git-fixes).\n- usb: host: ohci-pxa27x: Fix and \u0026 vs | typo (git-fixes).\n- usb: storage: Add check for kcalloc (git-fixes).\n- usb: typec: Check for ops-\u003eexit instead of ops-\u003eenter in altmode_exit (git-fixes).\n- watchdog: pcwd_usb: Fix attempting to access uninitialized memory (git-fixes).\n- wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list() (git-fixes).\n- workqueue: Fix missing kfree(rescuer) in destroy_workqueue() (bsc#1210460).\n- workqueue: Fix spurious sanity check failures in destroy_workqueue() (bsc#1210460).\n- wq: handle VM suspension in stall detection (bsc#1210466).\n- x86, boot: Remove multiple copy of static function sanitize_boot_params() (git-fixes).\n- x86/apic: Fix arch_dynirq_lower_bound() bug for DT enabled machines (git-fixes).\n- x86/apic: Handle missing global clockevent gracefully (git-fixes bsc#1142926).\n- x86/apic: Soft disable APIC before initializing it (git-fixes).\n- x86/boot/compressed: Disable relocation relaxation (git-fixes).\n- x86/boot: Avoid using Intel mnemonics in AT\u0026T syntax asm (git-fixes).\n- x86/bugs: Add Cannon lake to RETBleed affected CPU list (git-fixes).\n- x86/bugs: Enable STIBP for IBPB mitigated RETBleed (git-fixes).\n- x86/decoder: Add TEST opcode to Group3-2 (git-fixes).\n- x86/fpu: Prevent FPU state corruption (git-fixes).\n- x86/ioapic: Prevent inconsistent state when moving an interrupt (git-fixes).\n- x86/irq: Ensure PI wakeup handler is unregistered before module unload (git-fixes).\n- x86/kprobes: Fix to check non boostable prefixes correctly (git-fixes).\n- x86/kprobes: Restore BTF if the single-stepping is cancelled (git-fixes).\n- x86/lib/cpu: Address missing prototypes warning (git-fixes).\n- x86/mce/inject: Avoid out-of-bounds write when setting flags (git-fixes).\n- x86/mce: Lower throttling MCE messages\u0027 priority to warning (git-fixes).\n- x86/mm: Stop printing BRK addresses (git-fixes).\n- x86/mm: Use the correct function type for native_set_fixmap() (git-fixes).\n- x86/pkeys: Add check for pkey \u0027overflow\u0027 (git-fixes).\n- x86/reboot: Always use NMI fallback when shutdown via reboot vector IPI fails (git-fixes).\n- x86/speculation/mds: Mark mds_user_clear_cpu_buffers() __always_inline (git-fixes).\n- x86/sysfb: Fix check for bad VRAM size (git-fixes).\n- x86/tools/relocs: Fix non-POSIX regexp (git-fixes).\n- x86/tools: Fix objdump version check again (git-fixes).\n- x86/virt: Eat faults on VMXOFF in reboot flows (git-fixes).\n- x86/virt: Mark flags and memory as clobbered by VMXOFF (git-fixes).\n- x86: Do not let pgprot_modify() change the page encryption bit (git-fixes).\n- x86_64: Fix jiffies ODR violation (git-fixes).\n- xfrm: policy: use hlist rcu variants on insert (git-fixes).\n- xhci: also avoid the XHCI_ZERO_64B_REGS quirk with a passthrough iommu (git-fixes).\n- xhci: hide include of iommu.h (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-2162,SUSE-SLE-SERVER-12-SP5-2023-2162",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2162-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:2162-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232162-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:2162-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2023-May/029327.html"
},
{
"category": "self",
"summary": "SUSE Bug 1142685",
"url": "https://bugzilla.suse.com/1142685"
},
{
"category": "self",
"summary": "SUSE Bug 1142926",
"url": "https://bugzilla.suse.com/1142926"
},
{
"category": "self",
"summary": "SUSE Bug 1174777",
"url": "https://bugzilla.suse.com/1174777"
},
{
"category": "self",
"summary": "SUSE Bug 1190544",
"url": "https://bugzilla.suse.com/1190544"
},
{
"category": "self",
"summary": "SUSE Bug 1202353",
"url": "https://bugzilla.suse.com/1202353"
},
{
"category": "self",
"summary": "SUSE Bug 1205128",
"url": "https://bugzilla.suse.com/1205128"
},
{
"category": "self",
"summary": "SUSE Bug 1207088",
"url": "https://bugzilla.suse.com/1207088"
},
{
"category": "self",
"summary": "SUSE Bug 1209342",
"url": "https://bugzilla.suse.com/1209342"
},
{
"category": "self",
"summary": "SUSE Bug 1209687",
"url": "https://bugzilla.suse.com/1209687"
},
{
"category": "self",
"summary": "SUSE Bug 1209777",
"url": "https://bugzilla.suse.com/1209777"
},
{
"category": "self",
"summary": "SUSE Bug 1209871",
"url": "https://bugzilla.suse.com/1209871"
},
{
"category": "self",
"summary": "SUSE Bug 1209887",
"url": "https://bugzilla.suse.com/1209887"
},
{
"category": "self",
"summary": "SUSE Bug 1209969",
"url": "https://bugzilla.suse.com/1209969"
},
{
"category": "self",
"summary": "SUSE Bug 1209999",
"url": "https://bugzilla.suse.com/1209999"
},
{
"category": "self",
"summary": "SUSE Bug 1210202",
"url": "https://bugzilla.suse.com/1210202"
},
{
"category": "self",
"summary": "SUSE Bug 1210301",
"url": "https://bugzilla.suse.com/1210301"
},
{
"category": "self",
"summary": "SUSE Bug 1210329",
"url": "https://bugzilla.suse.com/1210329"
},
{
"category": "self",
"summary": "SUSE Bug 1210336",
"url": "https://bugzilla.suse.com/1210336"
},
{
"category": "self",
"summary": "SUSE Bug 1210337",
"url": "https://bugzilla.suse.com/1210337"
},
{
"category": "self",
"summary": "SUSE Bug 1210430",
"url": "https://bugzilla.suse.com/1210430"
},
{
"category": "self",
"summary": "SUSE Bug 1210460",
"url": "https://bugzilla.suse.com/1210460"
},
{
"category": "self",
"summary": "SUSE Bug 1210466",
"url": "https://bugzilla.suse.com/1210466"
},
{
"category": "self",
"summary": "SUSE Bug 1210469",
"url": "https://bugzilla.suse.com/1210469"
},
{
"category": "self",
"summary": "SUSE Bug 1210498",
"url": "https://bugzilla.suse.com/1210498"
},
{
"category": "self",
"summary": "SUSE Bug 1210506",
"url": "https://bugzilla.suse.com/1210506"
},
{
"category": "self",
"summary": "SUSE Bug 1210534",
"url": "https://bugzilla.suse.com/1210534"
},
{
"category": "self",
"summary": "SUSE Bug 1210647",
"url": "https://bugzilla.suse.com/1210647"
},
{
"category": "self",
"summary": "SUSE Bug 1210827",
"url": "https://bugzilla.suse.com/1210827"
},
{
"category": "self",
"summary": "SUSE Bug 1211037",
"url": "https://bugzilla.suse.com/1211037"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-36691 page",
"url": "https://www.suse.com/security/cve/CVE-2020-36691/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-43945 page",
"url": "https://www.suse.com/security/cve/CVE-2022-43945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1611 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1611/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1670 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1670/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1855 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1989 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1990 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1998 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1998/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2124 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2162 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2162/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2483 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2483/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-30772 page",
"url": "https://www.suse.com/security/cve/CVE-2023-30772/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2023-05-10T16:07:03Z",
"generator": {
"date": "2023-05-10T16:07:03Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:2162-1",
"initial_release_date": "2023-05-10T16:07:03Z",
"revision_history": [
{
"date": "2023-05-10T16:07:03Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-azure-4.12.14-16.133.1.noarch",
"product": {
"name": "kernel-devel-azure-4.12.14-16.133.1.noarch",
"product_id": "kernel-devel-azure-4.12.14-16.133.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-azure-4.12.14-16.133.1.noarch",
"product": {
"name": "kernel-source-azure-4.12.14-16.133.1.noarch",
"product_id": "kernel-source-azure-4.12.14-16.133.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-4.12.14-16.133.1.x86_64",
"product": {
"name": "cluster-md-kmp-azure-4.12.14-16.133.1.x86_64",
"product_id": "cluster-md-kmp-azure-4.12.14-16.133.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-4.12.14-16.133.1.x86_64",
"product": {
"name": "dlm-kmp-azure-4.12.14-16.133.1.x86_64",
"product_id": "dlm-kmp-azure-4.12.14-16.133.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-4.12.14-16.133.1.x86_64",
"product": {
"name": "gfs2-kmp-azure-4.12.14-16.133.1.x86_64",
"product_id": "gfs2-kmp-azure-4.12.14-16.133.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-4.12.14-16.133.1.x86_64",
"product": {
"name": "kernel-azure-4.12.14-16.133.1.x86_64",
"product_id": "kernel-azure-4.12.14-16.133.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-base-4.12.14-16.133.1.x86_64",
"product": {
"name": "kernel-azure-base-4.12.14-16.133.1.x86_64",
"product_id": "kernel-azure-base-4.12.14-16.133.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-4.12.14-16.133.1.x86_64",
"product": {
"name": "kernel-azure-devel-4.12.14-16.133.1.x86_64",
"product_id": "kernel-azure-devel-4.12.14-16.133.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-4.12.14-16.133.1.x86_64",
"product": {
"name": "kernel-azure-extra-4.12.14-16.133.1.x86_64",
"product_id": "kernel-azure-extra-4.12.14-16.133.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-kgraft-devel-4.12.14-16.133.1.x86_64",
"product": {
"name": "kernel-azure-kgraft-devel-4.12.14-16.133.1.x86_64",
"product_id": "kernel-azure-kgraft-devel-4.12.14-16.133.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-4.12.14-16.133.1.x86_64",
"product": {
"name": "kernel-syms-azure-4.12.14-16.133.1.x86_64",
"product_id": "kernel-syms-azure-4.12.14-16.133.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-4.12.14-16.133.1.x86_64",
"product": {
"name": "kselftests-kmp-azure-4.12.14-16.133.1.x86_64",
"product_id": "kselftests-kmp-azure-4.12.14-16.133.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-4.12.14-16.133.1.x86_64",
"product": {
"name": "ocfs2-kmp-azure-4.12.14-16.133.1.x86_64",
"product_id": "ocfs2-kmp-azure-4.12.14-16.133.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-4.12.14-16.133.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64"
},
"product_reference": "kernel-azure-4.12.14-16.133.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-base-4.12.14-16.133.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64"
},
"product_reference": "kernel-azure-base-4.12.14-16.133.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-4.12.14-16.133.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64"
},
"product_reference": "kernel-azure-devel-4.12.14-16.133.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-4.12.14-16.133.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch"
},
"product_reference": "kernel-devel-azure-4.12.14-16.133.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-4.12.14-16.133.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch"
},
"product_reference": "kernel-source-azure-4.12.14-16.133.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-4.12.14-16.133.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
},
"product_reference": "kernel-syms-azure-4.12.14-16.133.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-4.12.14-16.133.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64"
},
"product_reference": "kernel-azure-4.12.14-16.133.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-base-4.12.14-16.133.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64"
},
"product_reference": "kernel-azure-base-4.12.14-16.133.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-4.12.14-16.133.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64"
},
"product_reference": "kernel-azure-devel-4.12.14-16.133.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-4.12.14-16.133.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch"
},
"product_reference": "kernel-devel-azure-4.12.14-16.133.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-4.12.14-16.133.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch"
},
"product_reference": "kernel-source-azure-4.12.14-16.133.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-4.12.14-16.133.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
},
"product_reference": "kernel-syms-azure-4.12.14-16.133.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-36691",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-36691"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a denial of service (unbounded recursion) via a nested Netlink policy with a back reference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-36691",
"url": "https://www.suse.com/security/cve/CVE-2020-36691"
},
{
"category": "external",
"summary": "SUSE Bug 1209613 for CVE-2020-36691",
"url": "https://bugzilla.suse.com/1209613"
},
{
"category": "external",
"summary": "SUSE Bug 1209777 for CVE-2020-36691",
"url": "https://bugzilla.suse.com/1209777"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-10T16:07:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-36691"
},
{
"cve": "CVE-2022-43945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-43945"
}
],
"notes": [
{
"category": "general",
"text": "The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-43945",
"url": "https://www.suse.com/security/cve/CVE-2022-43945"
},
{
"category": "external",
"summary": "SUSE Bug 1205128 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1205128"
},
{
"category": "external",
"summary": "SUSE Bug 1205130 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1205130"
},
{
"category": "external",
"summary": "SUSE Bug 1208030 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1208030"
},
{
"category": "external",
"summary": "SUSE Bug 1208085 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1208085"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1210124 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1210124"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-10T16:07:03Z",
"details": "important"
}
],
"title": "CVE-2022-43945"
},
{
"cve": "CVE-2023-1611",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1611"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This flaw allows an attacker to crash the system and possibly cause a kernel information lea",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1611",
"url": "https://www.suse.com/security/cve/CVE-2023-1611"
},
{
"category": "external",
"summary": "SUSE Bug 1209687 for CVE-2023-1611",
"url": "https://bugzilla.suse.com/1209687"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-10T16:07:03Z",
"details": "moderate"
}
],
"title": "CVE-2023-1611"
},
{
"cve": "CVE-2023-1670",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1670"
}
],
"notes": [
{
"category": "general",
"text": "A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1670",
"url": "https://www.suse.com/security/cve/CVE-2023-1670"
},
{
"category": "external",
"summary": "SUSE Bug 1209871 for CVE-2023-1670",
"url": "https://bugzilla.suse.com/1209871"
},
{
"category": "external",
"summary": "SUSE Bug 1222212 for CVE-2023-1670",
"url": "https://bugzilla.suse.com/1222212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-10T16:07:03Z",
"details": "moderate"
}
],
"title": "CVE-2023-1670"
},
{
"cve": "CVE-2023-1855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1855"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver (xgene-hwmon). This flaw could allow a local attacker to crash the system due to a race problem. This vulnerability could even lead to a kernel information leak problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1855",
"url": "https://www.suse.com/security/cve/CVE-2023-1855"
},
{
"category": "external",
"summary": "SUSE Bug 1210202 for CVE-2023-1855",
"url": "https://bugzilla.suse.com/1210202"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-10T16:07:03Z",
"details": "moderate"
}
],
"title": "CVE-2023-1855"
},
{
"cve": "CVE-2023-1989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1989"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in btsdio_remove in drivers\\bluetooth\\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1989",
"url": "https://www.suse.com/security/cve/CVE-2023-1989"
},
{
"category": "external",
"summary": "SUSE Bug 1210336 for CVE-2023-1989",
"url": "https://bugzilla.suse.com/1210336"
},
{
"category": "external",
"summary": "SUSE Bug 1210500 for CVE-2023-1989",
"url": "https://bugzilla.suse.com/1210500"
},
{
"category": "external",
"summary": "SUSE Bug 1213841 for CVE-2023-1989",
"url": "https://bugzilla.suse.com/1213841"
},
{
"category": "external",
"summary": "SUSE Bug 1213842 for CVE-2023-1989",
"url": "https://bugzilla.suse.com/1213842"
},
{
"category": "external",
"summary": "SUSE Bug 1214128 for CVE-2023-1989",
"url": "https://bugzilla.suse.com/1214128"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-10T16:07:03Z",
"details": "important"
}
],
"title": "CVE-2023-1989"
},
{
"cve": "CVE-2023-1990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1990"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1990",
"url": "https://www.suse.com/security/cve/CVE-2023-1990"
},
{
"category": "external",
"summary": "SUSE Bug 1210337 for CVE-2023-1990",
"url": "https://bugzilla.suse.com/1210337"
},
{
"category": "external",
"summary": "SUSE Bug 1210501 for CVE-2023-1990",
"url": "https://bugzilla.suse.com/1210501"
},
{
"category": "external",
"summary": "SUSE Bug 1214128 for CVE-2023-1990",
"url": "https://bugzilla.suse.com/1214128"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-10T16:07:03Z",
"details": "important"
}
],
"title": "CVE-2023-1990"
},
{
"cve": "CVE-2023-1998",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1998"
}
],
"notes": [
{
"category": "general",
"text": "The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim process exposed to attacks in some cases even after enabling the spectre-BTI mitigation with prctl. The same behavior can be observed on a bare-metal machine when forcing the mitigation to IBRS on boot command line.\n\nThis happened because when plain IBRS was enabled (not enhanced IBRS), the kernel had some logic that determined that STIBP was not needed. The IBRS bit implicitly protects against cross-thread branch target injection. However, with legacy IBRS, the IBRS bit was cleared on returning to userspace, due to performance reasons, which disabled the implicit STIBP and left userspace threads vulnerable to cross-thread branch target injection against which STIBP protects.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1998",
"url": "https://www.suse.com/security/cve/CVE-2023-1998"
},
{
"category": "external",
"summary": "SUSE Bug 1210506 for CVE-2023-1998",
"url": "https://bugzilla.suse.com/1210506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-10T16:07:03Z",
"details": "moderate"
}
],
"title": "CVE-2023-1998"
},
{
"cve": "CVE-2023-2124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2124"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds memory access flaw was found in the Linux kernel\u0027s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2124",
"url": "https://www.suse.com/security/cve/CVE-2023-2124"
},
{
"category": "external",
"summary": "SUSE Bug 1210498 for CVE-2023-2124",
"url": "https://bugzilla.suse.com/1210498"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-10T16:07:03Z",
"details": "moderate"
}
],
"title": "CVE-2023-2124"
},
{
"cve": "CVE-2023-2162",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2162"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2162",
"url": "https://www.suse.com/security/cve/CVE-2023-2162"
},
{
"category": "external",
"summary": "SUSE Bug 1210647 for CVE-2023-2162",
"url": "https://bugzilla.suse.com/1210647"
},
{
"category": "external",
"summary": "SUSE Bug 1210662 for CVE-2023-2162",
"url": "https://bugzilla.suse.com/1210662"
},
{
"category": "external",
"summary": "SUSE Bug 1213841 for CVE-2023-2162",
"url": "https://bugzilla.suse.com/1213841"
},
{
"category": "external",
"summary": "SUSE Bug 1213842 for CVE-2023-2162",
"url": "https://bugzilla.suse.com/1213842"
},
{
"category": "external",
"summary": "SUSE Bug 1214128 for CVE-2023-2162",
"url": "https://bugzilla.suse.com/1214128"
},
{
"category": "external",
"summary": "SUSE Bug 1222212 for CVE-2023-2162",
"url": "https://bugzilla.suse.com/1222212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-10T16:07:03Z",
"details": "important"
}
],
"title": "CVE-2023-2162"
},
{
"cve": "CVE-2023-2483",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2483"
}
],
"notes": [
{
"category": "general",
"text": "DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-33203. Reason: This candidate is a reservation duplicate of CVE-2023-33203. Notes: All CVE users should reference CVE-2023-33203 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2483",
"url": "https://www.suse.com/security/cve/CVE-2023-2483"
},
{
"category": "external",
"summary": "SUSE Bug 1211037 for CVE-2023-2483",
"url": "https://bugzilla.suse.com/1211037"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-10T16:07:03Z",
"details": "moderate"
}
],
"title": "CVE-2023-2483"
},
{
"cve": "CVE-2023-30772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-30772"
}
],
"notes": [
{
"category": "general",
"text": "The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically proximate attacker unplugs a device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-30772",
"url": "https://www.suse.com/security/cve/CVE-2023-30772"
},
{
"category": "external",
"summary": "SUSE Bug 1210329 for CVE-2023-30772",
"url": "https://bugzilla.suse.com/1210329"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-10T16:07:03Z",
"details": "moderate"
}
],
"title": "CVE-2023-30772"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…