Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-3104 (GCVE-0-2022-3104)
Vulnerability from cvelistv5
Published
2022-12-14 00:00
Modified
2024-08-03 01:00
Severity ?
EPSS score ?
Summary
An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=2153062 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=4a9800c81d2f34afb66b4b42e0330ae8298019a2 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=2153062 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=4a9800c81d2f34afb66b4b42e0330ae8298019a2 | Patch, Vendor Advisory |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T01:00:09.942Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=4a9800c81d2f34afb66b4b42e0330ae8298019a2", }, { tags: [ "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2153062", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Kernel", vendor: "n/a", versions: [ { status: "affected", version: "Linux 5.16-rc6", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-14T00:00:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=4a9800c81d2f34afb66b4b42e0330ae8298019a2", }, { url: "https://bugzilla.redhat.com/show_bug.cgi?id=2153062", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2022-3104", datePublished: "2022-12-14T00:00:00", dateReserved: "2022-09-02T00:00:00", dateUpdated: "2024-08-03T01:00:09.942Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"5.16.0\", \"matchCriteriaId\": \"02711EF3-4708-401A-A551-BF2666F9CB9A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:5.16.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D91531A-B5F0-42DC-BF86-12BDB991AAD9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:5.16.0:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"7FEA1289-2893-487A-B46C-75AA73FB409A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:5.16.0:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"366AF5E2-1187-4871-95D7-17FB5AC61153\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:5.16.0:rc3:*:*:*:*:*:*\", \"matchCriteriaId\": \"EDAA6EAB-A0D8-4522-93CD-E939BE5AC78B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:5.16.0:rc4:*:*:*:*:*:*\", \"matchCriteriaId\": \"420512FD-751B-491E-9F9E-79F6733A876D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:5.16.0:rc5:*:*:*:*:*:*\", \"matchCriteriaId\": \"21E83CF6-6096-4011-9C22-67225992771A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:5.16.0:rc6:*:*:*:*:*:*\", \"matchCriteriaId\": \"C109325B-0F6B-405E-8490-0A55A2294D79\"}]}]}]", descriptions: "[{\"lang\": \"en\", \"value\": \"An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.\"}, {\"lang\": \"es\", \"value\": \"Se descubri\\u00f3 un problema en el kernel de Linux hasta 5.16-rc6. lkdtm_ARRAY_BOUNDS en drivers/misc/lkdtm/bugs.c carece de verificaci\\u00f3n del valor de retorno de kmalloc() y provocar\\u00e1 la desreferencia del puntero nulo.\"}]", id: "CVE-2022-3104", lastModified: "2024-11-21T07:18:50.067", metrics: "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}]}", published: "2022-12-14T21:15:11.407", references: "[{\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2153062\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=4a9800c81d2f34afb66b4b42e0330ae8298019a2\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2153062\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=4a9800c81d2f34afb66b4b42e0330ae8298019a2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]", sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: "[{\"source\": \"secalert@redhat.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-476\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2022-3104\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2022-12-14T21:15:11.407\",\"lastModified\":\"2024-11-21T07:18:50.067\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.\"},{\"lang\":\"es\",\"value\":\"Se descubrió un problema en el kernel de Linux hasta 5.16-rc6. lkdtm_ARRAY_BOUNDS en drivers/misc/lkdtm/bugs.c carece de verificación del valor de retorno de kmalloc() y provocará la desreferencia del puntero nulo.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.16.0\",\"matchCriteriaId\":\"02711EF3-4708-401A-A551-BF2666F9CB9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.16.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D91531A-B5F0-42DC-BF86-12BDB991AAD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.16.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FEA1289-2893-487A-B46C-75AA73FB409A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.16.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"366AF5E2-1187-4871-95D7-17FB5AC61153\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.16.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"EDAA6EAB-A0D8-4522-93CD-E939BE5AC78B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.16.0:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"420512FD-751B-491E-9F9E-79F6733A876D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.16.0:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"21E83CF6-6096-4011-9C22-67225992771A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.16.0:rc6:*:*:*:*:*:*\",\"matchCriteriaId\":\"C109325B-0F6B-405E-8490-0A55A2294D79\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2153062\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=4a9800c81d2f34afb66b4b42e0330ae8298019a2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2153062\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=4a9800c81d2f34afb66b4b42e0330ae8298019a2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}", }, }
wid-sec-w-2022-2322
Vulnerability from csaf_certbund
Published
2022-12-13 23:00
Modified
2023-07-26 22:00
Summary
Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff
Ein lokaler Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
{ document: { aggregate_severity: { text: "niedrig", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Der Kernel stellt den Kern des Linux Betriebssystems dar.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein lokaler Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen.", title: "Angriff", }, { category: "general", text: "- Linux", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2022-2322 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-2322.json", }, { category: "self", summary: "WID-SEC-2022-2322 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-2322", }, { category: "external", summary: "Ubuntu Security Notice USN-6256-1 vom 2023-07-26", url: "https://ubuntu.com/security/notices/USN-6256-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6235-1 vom 2023-07-18", url: "https://ubuntu.com/security/notices/USN-6235-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6222-1 vom 2023-07-12", url: "https://ubuntu.com/security/notices/USN-6222-1", }, { category: "external", summary: "IBM Security Bulletin 7005925 vom 2023-06-21", url: "https://www.ibm.com/support/pages/node/7005925", }, { category: "external", summary: "Ubuntu Security Notice USN-6093-1 vom 2023-05-22", url: "https://ubuntu.com/security/notices/USN-6093-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6027-1 vom 2023-04-19", url: "https://ubuntu.com/security/notices/USN-6027-1", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2023-12256 vom 2023-04-17", url: "https://linux.oracle.com/errata/ELSA-2023-12256.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2023-12255 vom 2023-04-17", url: "https://linux.oracle.com/errata/ELSA-2023-12255.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2023-12242 vom 2023-04-10", url: "http://linux.oracle.com/errata/ELSA-2023-12242.html", }, { category: "external", summary: "Ubuntu Security Notice USN-6001-1 vom 2023-04-06", url: "https://ubuntu.com/security/notices/USN-6001-1", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:0618-1 vom 2023-03-06", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-March/013976.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:0591-1 vom 2023-03-02", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-March/013959.html", }, { category: "external", summary: "RedHat Bugzilla vom 2022-12-13", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2153052", }, { category: "external", summary: "RedHat Bugzilla vom 2022-12-13", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2153053", }, { category: "external", summary: "RedHat Bugzilla vom 2022-12-13", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2153054", }, { category: "external", summary: "RedHat Bugzilla vom 2022-12-13", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2153055", }, { category: "external", summary: "RedHat Bugzilla vom 2022-12-13", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2153058", }, { category: "external", summary: "RedHat Bugzilla vom 2022-12-13", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2153059", }, { category: "external", summary: "RedHat Bugzilla vom 2022-12-13", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2153060", }, { category: "external", summary: "RedHat Bugzilla vom 2022-12-13", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2153062", }, { category: "external", summary: "RedHat Bugzilla vom 2022-12-13", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2153066", }, { category: "external", summary: "RedHat Bugzilla vom 2022-12-13", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2153067", }, { category: "external", summary: "RedHat Bugzilla vom 2022-12-13", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2153068", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:4617-1 vom 2022-12-23", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-December/013342.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:0134-1 vom 2023-01-25", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-January/013523.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:0146-1 vom 2023-01-26", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-January/013527.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:0147-1 vom 2023-01-26", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-January/013528.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:0148-1 vom 2023-01-26", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-January/013532.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:0152-1 vom 2023-01-26", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-January/013530.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:0149-1 vom 2023-01-26", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-January/013529.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:0410-1 vom 2023-02-14", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-February/013764.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:0406-1 vom 2023-02-14", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-February/013757.html", }, ], source_lang: "en-US", title: "Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff", tracking: { current_release_date: "2023-07-26T22:00:00.000+00:00", generator: { date: "2024-08-15T17:39:58.280+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2022-2322", initial_release_date: "2022-12-13T23:00:00.000+00:00", revision_history: [ { date: "2022-12-13T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2022-12-26T23:00:00.000+00:00", number: "2", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-01-25T23:00:00.000+00:00", number: "3", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-01-26T23:00:00.000+00:00", number: "4", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-02-14T23:00:00.000+00:00", number: "5", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-03-02T23:00:00.000+00:00", number: "6", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-03-06T23:00:00.000+00:00", number: "7", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-04-05T22:00:00.000+00:00", number: "8", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-04-10T22:00:00.000+00:00", number: "9", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2023-04-17T22:00:00.000+00:00", number: "10", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2023-04-19T22:00:00.000+00:00", number: "11", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-05-22T22:00:00.000+00:00", number: "12", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-06-21T22:00:00.000+00:00", number: "13", summary: "Neue Updates von IBM aufgenommen", }, { date: "2023-07-12T22:00:00.000+00:00", number: "14", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-07-18T22:00:00.000+00:00", number: "15", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-07-26T22:00:00.000+00:00", number: "16", summary: "Neue Updates von Ubuntu aufgenommen", }, ], status: "final", version: "16", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "IBM Spectrum Protect Plus 10.1", product: { name: "IBM Spectrum Protect Plus 10.1", product_id: "T015895", product_identification_helper: { cpe: "cpe:/a:ibm:spectrum_protect:plus_10.1", }, }, }, ], category: "vendor", name: "IBM", }, { branches: [ { category: "product_name", name: "Open Source Linux Kernel < 5.17-rc6", product: { name: "Open Source Linux Kernel < 5.17-rc6", product_id: "T025608", product_identification_helper: { cpe: "cpe:/o:linux:linux_kernel:5.17-rc6", }, }, }, ], category: "vendor", name: "Open Source", }, { branches: [ { category: "product_name", name: "Oracle Linux", product: { name: "Oracle Linux", product_id: "T004914", product_identification_helper: { cpe: "cpe:/o:oracle:linux:-", }, }, }, ], category: "vendor", name: "Oracle", }, { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, ], category: "vendor", name: "SUSE", }, { branches: [ { category: "product_name", name: "Ubuntu Linux", product: { name: "Ubuntu Linux", product_id: "T000126", product_identification_helper: { cpe: "cpe:/o:canonical:ubuntu_linux:-", }, }, }, ], category: "vendor", name: "Ubuntu", }, ], }, vulnerabilities: [ { cve: "CVE-2022-3104", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen im Linux Kernel. Ungenügende Überprüfungen von Rückgabewerten an verschiedenen Stellen führt zu Nullzeiger Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "T000126", "T015895", "T004914", ], }, release_date: "2022-12-13T23:00:00.000+00:00", title: "CVE-2022-3104", }, { cve: "CVE-2022-3105", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen im Linux Kernel. Ungenügende Überprüfungen von Rückgabewerten an verschiedenen Stellen führt zu Nullzeiger Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "T000126", "T015895", "T004914", ], }, release_date: "2022-12-13T23:00:00.000+00:00", title: "CVE-2022-3105", }, { cve: "CVE-2022-3106", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen im Linux Kernel. Ungenügende Überprüfungen von Rückgabewerten an verschiedenen Stellen führt zu Nullzeiger Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "T000126", "T015895", "T004914", ], }, release_date: "2022-12-13T23:00:00.000+00:00", title: "CVE-2022-3106", }, { cve: "CVE-2022-3107", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen im Linux Kernel. Ungenügende Überprüfungen von Rückgabewerten an verschiedenen Stellen führt zu Nullzeiger Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "T000126", "T015895", "T004914", ], }, release_date: "2022-12-13T23:00:00.000+00:00", title: "CVE-2022-3107", }, { cve: "CVE-2022-3108", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen im Linux Kernel. Ungenügende Überprüfungen von Rückgabewerten an verschiedenen Stellen führt zu Nullzeiger Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "T000126", "T015895", "T004914", ], }, release_date: "2022-12-13T23:00:00.000+00:00", title: "CVE-2022-3108", }, { cve: "CVE-2022-3110", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen im Linux Kernel. Ungenügende Überprüfungen von Rückgabewerten an verschiedenen Stellen führt zu Nullzeiger Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "T000126", "T015895", "T004914", ], }, release_date: "2022-12-13T23:00:00.000+00:00", title: "CVE-2022-3110", }, { cve: "CVE-2022-3111", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen im Linux Kernel. Ungenügende Überprüfungen von Rückgabewerten an verschiedenen Stellen führt zu Nullzeiger Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "T000126", "T015895", "T004914", ], }, release_date: "2022-12-13T23:00:00.000+00:00", title: "CVE-2022-3111", }, { cve: "CVE-2022-3112", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen im Linux Kernel. Ungenügende Überprüfungen von Rückgabewerten an verschiedenen Stellen führt zu Nullzeiger Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "T000126", "T015895", "T004914", ], }, release_date: "2022-12-13T23:00:00.000+00:00", title: "CVE-2022-3112", }, { cve: "CVE-2022-3113", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen im Linux Kernel. Ungenügende Überprüfungen von Rückgabewerten an verschiedenen Stellen führt zu Nullzeiger Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "T000126", "T015895", "T004914", ], }, release_date: "2022-12-13T23:00:00.000+00:00", title: "CVE-2022-3113", }, { cve: "CVE-2022-3114", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen im Linux Kernel. Ungenügende Überprüfungen von Rückgabewerten an verschiedenen Stellen führt zu Nullzeiger Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "T000126", "T015895", "T004914", ], }, release_date: "2022-12-13T23:00:00.000+00:00", title: "CVE-2022-3114", }, { cve: "CVE-2022-3115", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen im Linux Kernel. Ungenügende Überprüfungen von Rückgabewerten an verschiedenen Stellen führt zu Nullzeiger Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "T000126", "T015895", "T004914", ], }, release_date: "2022-12-13T23:00:00.000+00:00", title: "CVE-2022-3115", }, ], }
WID-SEC-W-2023-1432
Vulnerability from csaf_certbund
Published
2023-06-12 22:00
Modified
2023-06-22 22:00
Summary
Siemens SIMATIC S7: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Die SIMATIC S7 ist eine Serie von SPS (Speicherprogrammierbare Steuerungen) für Automatisierungsanwendungen.
Angriff
Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter, physischer oder lokaler Angreifer kann mehrere Schwachstellen in Siemens SIMATIC S7 ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren.
Betroffene Betriebssysteme
- BIOS/Firmware
{ document: { aggregate_severity: { text: "kritisch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Die SIMATIC S7 ist eine Serie von SPS (Speicherprogrammierbare Steuerungen) für Automatisierungsanwendungen.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter, physischer oder lokaler Angreifer kann mehrere Schwachstellen in Siemens SIMATIC S7 ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren.", title: "Angriff", }, { category: "general", text: "- BIOS/Firmware", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-1432 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1432.json", }, { category: "self", summary: "WID-SEC-2023-1432 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1432", }, { category: "external", summary: "Ubuntu Security Notice USN-6187-1 vom 2023-06-22", url: "https://ubuntu.com/security/notices/USN-6187-1", }, { category: "external", summary: "Siemens Security Advisory vom 2023-06-12", url: "https://cert-portal.siemens.com/productcert/html/ssa-831302.html", }, { category: "external", summary: "Siemens Security Advisory vom 2023-06-12", url: "https://cert-portal.siemens.com/productcert/html/ssa-794697.html", }, ], source_lang: "en-US", title: "Siemens SIMATIC S7: Mehrere Schwachstellen", tracking: { current_release_date: "2023-06-22T22:00:00.000+00:00", generator: { date: "2024-08-15T17:52:18.956+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2023-1432", initial_release_date: "2023-06-12T22:00:00.000+00:00", revision_history: [ { date: "2023-06-12T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2023-06-22T22:00:00.000+00:00", number: "2", summary: "Neue Updates von Ubuntu aufgenommen", }, ], status: "final", version: "2", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Siemens SIMATIC S7 1500 TM MFP", product: { name: "Siemens SIMATIC S7 1500 TM MFP", product_id: "T028071", product_identification_helper: { cpe: "cpe:/h:siemens:simatic_s7:1500_tm_mfp", }, }, }, ], category: "vendor", name: "Siemens", }, { branches: [ { category: "product_name", name: "Ubuntu Linux", product: { name: "Ubuntu Linux", product_id: "T000126", product_identification_helper: { cpe: "cpe:/o:canonical:ubuntu_linux:-", }, }, }, ], category: "vendor", name: "Ubuntu", }, ], }, vulnerabilities: [ { cve: "CVE-2023-26607", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2023-26607", }, { cve: "CVE-2023-23559", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2023-23559", }, { cve: "CVE-2023-23455", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2023-23455", }, { cve: "CVE-2023-23454", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2023-23454", }, { cve: "CVE-2023-1095", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2023-1095", }, { cve: "CVE-2023-1077", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2023-1077", }, { cve: "CVE-2023-1073", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2023-1073", }, { cve: "CVE-2023-0590", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2023-0590", }, { cve: "CVE-2023-0466", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2023-0466", }, { cve: "CVE-2023-0465", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2023-0465", }, { cve: "CVE-2023-0464", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2023-0464", }, { cve: "CVE-2023-0394", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2023-0394", }, { cve: "CVE-2023-0286", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2023-0286", }, { cve: "CVE-2023-0215", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2023-0215", }, { cve: "CVE-2023-0179", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2023-0179", }, { cve: "CVE-2022-47946", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-47946", }, { cve: "CVE-2022-47929", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-47929", }, { cve: "CVE-2022-47520", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-47520", }, { cve: "CVE-2022-47518", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-47518", }, { cve: "CVE-2022-4662", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-4662", }, { cve: "CVE-2022-4450", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-4450", }, { cve: "CVE-2022-4378", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-4378", }, { cve: "CVE-2022-43750", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-43750", }, { cve: "CVE-2022-4304", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-4304", }, { cve: "CVE-2022-42896", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-42896", }, { cve: "CVE-2022-42895", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-42895", }, { cve: "CVE-2022-42722", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-42722", }, { cve: "CVE-2022-42721", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-42721", }, { cve: "CVE-2022-42720", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-42720", }, { cve: "CVE-2022-42719", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-42719", }, { cve: "CVE-2022-42703", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-42703", }, { cve: "CVE-2022-42432", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-42432", }, { cve: "CVE-2022-42329", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-42329", }, { cve: "CVE-2022-42328", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-42328", }, { cve: "CVE-2022-41850", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-41850", }, { cve: "CVE-2022-41849", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-41849", }, { cve: "CVE-2022-41674", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-41674", }, { cve: "CVE-2022-4139", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-4139", }, { cve: "CVE-2022-4129", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-4129", }, { cve: "CVE-2022-41222", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-41222", }, { cve: "CVE-2022-41218", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-41218", }, { cve: "CVE-2022-4095", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-4095", }, { cve: "CVE-2022-40768", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-40768", }, { cve: "CVE-2022-40307", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-40307", }, { cve: "CVE-2022-39190", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-39190", }, { cve: "CVE-2022-39188", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-39188", }, { cve: "CVE-2022-36946", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-36946", }, { cve: "CVE-2022-36879", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-36879", }, { cve: "CVE-2022-3649", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3649", }, { cve: "CVE-2022-3646", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3646", }, { cve: "CVE-2022-3635", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3635", }, { cve: "CVE-2022-3633", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3633", }, { cve: "CVE-2022-3629", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3629", }, { cve: "CVE-2022-36280", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-36280", }, { cve: "CVE-2022-3628", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3628", }, { cve: "CVE-2022-3625", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3625", }, { cve: "CVE-2022-3621", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3621", }, { cve: "CVE-2022-36123", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-36123", }, { cve: "CVE-2022-3606", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3606", }, { cve: "CVE-2022-3594", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3594", }, { cve: "CVE-2022-3586", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3586", }, { cve: "CVE-2022-3565", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3565", }, { cve: "CVE-2022-3564", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3564", }, { cve: "CVE-2022-3545", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3545", }, { cve: "CVE-2022-3534", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3534", }, { cve: "CVE-2022-3524", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3524", }, { cve: "CVE-2022-3521", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3521", }, { cve: "CVE-2022-34918", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-34918", }, { cve: "CVE-2022-3435", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3435", }, { cve: "CVE-2022-3303", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3303", }, { cve: "CVE-2022-32296", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-32296", }, { cve: "CVE-2022-32250", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-32250", }, { cve: "CVE-2022-3169", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3169", }, { cve: "CVE-2022-3115", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3115", }, { cve: "CVE-2022-3104", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3104", }, { cve: "CVE-2022-3028", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3028", }, { cve: "CVE-2022-30065", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-30065", }, { cve: "CVE-2022-2978", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-2978", }, { cve: "CVE-2022-2959", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-2959", }, { cve: "CVE-2022-2905", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-2905", }, { cve: "CVE-2022-28391", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-28391", }, { cve: "CVE-2022-2663", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-2663", }, { cve: "CVE-2022-26373", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-26373", }, { cve: "CVE-2022-2602", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-2602", }, { cve: "CVE-2022-2588", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-2588", }, { cve: "CVE-2022-2586", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-2586", }, { cve: "CVE-2022-2585", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-2585", }, { cve: "CVE-2022-2503", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-2503", }, { cve: "CVE-2022-2327", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-2327", }, { cve: "CVE-2022-23219", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-23219", }, { cve: "CVE-2022-23218", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-23218", }, { cve: "CVE-2022-2274", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-2274", }, { cve: "CVE-2022-2153", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-2153", }, { cve: "CVE-2022-21505", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-21505", }, { cve: "CVE-2022-21233", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-21233", }, { cve: "CVE-2022-21166", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-21166", }, { cve: "CVE-2022-21125", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-21125", }, { cve: "CVE-2022-21123", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-21123", }, { cve: "CVE-2022-2097", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-2097", }, { cve: "CVE-2022-2078", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-2078", }, { cve: "CVE-2022-2068", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-2068", }, { cve: "CVE-2022-20572", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-20572", }, { cve: "CVE-2022-20566", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-20566", }, { cve: "CVE-2022-20422", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-20422", }, { cve: "CVE-2022-20421", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-20421", }, { cve: "CVE-2022-1882", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-1882", }, { cve: "CVE-2022-1852", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-1852", }, { cve: "CVE-2022-1679", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-1679", }, { cve: "CVE-2022-1473", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-1473", }, { cve: "CVE-2022-1462", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-1462", }, { cve: "CVE-2022-1434", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-1434", }, { cve: "CVE-2022-1343", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-1343", }, { cve: "CVE-2022-1292", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-1292", }, { cve: "CVE-2022-1184", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-1184", }, { cve: "CVE-2022-1012", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-1012", }, { cve: "CVE-2022-0171", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-0171", }, { cve: "CVE-2021-42386", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-42386", }, { cve: "CVE-2021-42385", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-42385", }, { cve: "CVE-2021-42384", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-42384", }, { cve: "CVE-2021-42383", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-42383", }, { cve: "CVE-2021-42382", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-42382", }, { cve: "CVE-2021-42381", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-42381", }, { cve: "CVE-2021-42380", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-42380", }, { cve: "CVE-2021-42379", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-42379", }, { cve: "CVE-2021-42378", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-42378", }, { cve: "CVE-2021-42377", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-42377", }, { cve: "CVE-2021-42376", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-42376", }, { cve: "CVE-2021-42375", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-42375", }, { cve: "CVE-2021-42374", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-42374", }, { cve: "CVE-2021-42373", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-42373", }, { cve: "CVE-2021-4037", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-4037", }, { cve: "CVE-2021-3999", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-3999", }, { cve: "CVE-2021-3998", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-3998", }, { cve: "CVE-2021-38604", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-38604", }, { cve: "CVE-2021-3759", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-3759", }, { cve: "CVE-2021-35942", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-35942", }, { cve: "CVE-2021-33655", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-33655", }, { cve: "CVE-2021-33574", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-33574", }, { cve: "CVE-2021-3326", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-3326", }, { cve: "CVE-2021-28831", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-28831", }, { cve: "CVE-2021-27645", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-27645", }, { cve: "CVE-2021-20269", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-20269", }, { cve: "CVE-2020-29562", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2020-29562", }, { cve: "CVE-2020-27618", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2020-27618", }, { cve: "CVE-2020-1752", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2020-1752", }, { cve: "CVE-2020-10029", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2020-10029", }, { cve: "CVE-2019-25013", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2019-25013", }, { cve: "CVE-2018-13405", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2018-13405", }, { cve: "CVE-2016-10228", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2016-10228", }, ], }
wid-sec-w-2023-1432
Vulnerability from csaf_certbund
Published
2023-06-12 22:00
Modified
2023-06-22 22:00
Summary
Siemens SIMATIC S7: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Die SIMATIC S7 ist eine Serie von SPS (Speicherprogrammierbare Steuerungen) für Automatisierungsanwendungen.
Angriff
Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter, physischer oder lokaler Angreifer kann mehrere Schwachstellen in Siemens SIMATIC S7 ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren.
Betroffene Betriebssysteme
- BIOS/Firmware
{ document: { aggregate_severity: { text: "kritisch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Die SIMATIC S7 ist eine Serie von SPS (Speicherprogrammierbare Steuerungen) für Automatisierungsanwendungen.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter, physischer oder lokaler Angreifer kann mehrere Schwachstellen in Siemens SIMATIC S7 ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren.", title: "Angriff", }, { category: "general", text: "- BIOS/Firmware", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-1432 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1432.json", }, { category: "self", summary: "WID-SEC-2023-1432 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1432", }, { category: "external", summary: "Ubuntu Security Notice USN-6187-1 vom 2023-06-22", url: "https://ubuntu.com/security/notices/USN-6187-1", }, { category: "external", summary: "Siemens Security Advisory vom 2023-06-12", url: "https://cert-portal.siemens.com/productcert/html/ssa-831302.html", }, { category: "external", summary: "Siemens Security Advisory vom 2023-06-12", url: "https://cert-portal.siemens.com/productcert/html/ssa-794697.html", }, ], source_lang: "en-US", title: "Siemens SIMATIC S7: Mehrere Schwachstellen", tracking: { current_release_date: "2023-06-22T22:00:00.000+00:00", generator: { date: "2024-08-15T17:52:18.956+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2023-1432", initial_release_date: "2023-06-12T22:00:00.000+00:00", revision_history: [ { date: "2023-06-12T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2023-06-22T22:00:00.000+00:00", number: "2", summary: "Neue Updates von Ubuntu aufgenommen", }, ], status: "final", version: "2", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Siemens SIMATIC S7 1500 TM MFP", product: { name: "Siemens SIMATIC S7 1500 TM MFP", product_id: "T028071", product_identification_helper: { cpe: "cpe:/h:siemens:simatic_s7:1500_tm_mfp", }, }, }, ], category: "vendor", name: "Siemens", }, { branches: [ { category: "product_name", name: "Ubuntu Linux", product: { name: "Ubuntu Linux", product_id: "T000126", product_identification_helper: { cpe: "cpe:/o:canonical:ubuntu_linux:-", }, }, }, ], category: "vendor", name: "Ubuntu", }, ], }, vulnerabilities: [ { cve: "CVE-2023-26607", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2023-26607", }, { cve: "CVE-2023-23559", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2023-23559", }, { cve: "CVE-2023-23455", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2023-23455", }, { cve: "CVE-2023-23454", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2023-23454", }, { cve: "CVE-2023-1095", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2023-1095", }, { cve: "CVE-2023-1077", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2023-1077", }, { cve: "CVE-2023-1073", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2023-1073", }, { cve: "CVE-2023-0590", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2023-0590", }, { cve: "CVE-2023-0466", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2023-0466", }, { cve: "CVE-2023-0465", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2023-0465", }, { cve: "CVE-2023-0464", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2023-0464", }, { cve: "CVE-2023-0394", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2023-0394", }, { cve: "CVE-2023-0286", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2023-0286", }, { cve: "CVE-2023-0215", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2023-0215", }, { cve: "CVE-2023-0179", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2023-0179", }, { cve: "CVE-2022-47946", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-47946", }, { cve: "CVE-2022-47929", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-47929", }, { cve: "CVE-2022-47520", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-47520", }, { cve: "CVE-2022-47518", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-47518", }, { cve: "CVE-2022-4662", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-4662", }, { cve: "CVE-2022-4450", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-4450", }, { cve: "CVE-2022-4378", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-4378", }, { cve: "CVE-2022-43750", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-43750", }, { cve: "CVE-2022-4304", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-4304", }, { cve: "CVE-2022-42896", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-42896", }, { cve: "CVE-2022-42895", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-42895", }, { cve: "CVE-2022-42722", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-42722", }, { cve: "CVE-2022-42721", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-42721", }, { cve: "CVE-2022-42720", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-42720", }, { cve: "CVE-2022-42719", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-42719", }, { cve: "CVE-2022-42703", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-42703", }, { cve: "CVE-2022-42432", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-42432", }, { cve: "CVE-2022-42329", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-42329", }, { cve: "CVE-2022-42328", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-42328", }, { cve: "CVE-2022-41850", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-41850", }, { cve: "CVE-2022-41849", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-41849", }, { cve: "CVE-2022-41674", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-41674", }, { cve: "CVE-2022-4139", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-4139", }, { cve: "CVE-2022-4129", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-4129", }, { cve: "CVE-2022-41222", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-41222", }, { cve: "CVE-2022-41218", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-41218", }, { cve: "CVE-2022-4095", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-4095", }, { cve: "CVE-2022-40768", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-40768", }, { cve: "CVE-2022-40307", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-40307", }, { cve: "CVE-2022-39190", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-39190", }, { cve: "CVE-2022-39188", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-39188", }, { cve: "CVE-2022-36946", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-36946", }, { cve: "CVE-2022-36879", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-36879", }, { cve: "CVE-2022-3649", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3649", }, { cve: "CVE-2022-3646", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3646", }, { cve: "CVE-2022-3635", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3635", }, { cve: "CVE-2022-3633", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3633", }, { cve: "CVE-2022-3629", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3629", }, { cve: "CVE-2022-36280", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-36280", }, { cve: "CVE-2022-3628", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3628", }, { cve: "CVE-2022-3625", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3625", }, { cve: "CVE-2022-3621", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3621", }, { cve: "CVE-2022-36123", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-36123", }, { cve: "CVE-2022-3606", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3606", }, { cve: "CVE-2022-3594", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3594", }, { cve: "CVE-2022-3586", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3586", }, { cve: "CVE-2022-3565", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3565", }, { cve: "CVE-2022-3564", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3564", }, { cve: "CVE-2022-3545", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3545", }, { cve: "CVE-2022-3534", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3534", }, { cve: "CVE-2022-3524", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3524", }, { cve: "CVE-2022-3521", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3521", }, { cve: "CVE-2022-34918", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-34918", }, { cve: "CVE-2022-3435", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3435", }, { cve: "CVE-2022-3303", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3303", }, { cve: "CVE-2022-32296", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-32296", }, { cve: "CVE-2022-32250", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-32250", }, { cve: "CVE-2022-3169", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3169", }, { cve: "CVE-2022-3115", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3115", }, { cve: "CVE-2022-3104", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3104", }, { cve: "CVE-2022-3028", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-3028", }, { cve: "CVE-2022-30065", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-30065", }, { cve: "CVE-2022-2978", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-2978", }, { cve: "CVE-2022-2959", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-2959", }, { cve: "CVE-2022-2905", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-2905", }, { cve: "CVE-2022-28391", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-28391", }, { cve: "CVE-2022-2663", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-2663", }, { cve: "CVE-2022-26373", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-26373", }, { cve: "CVE-2022-2602", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-2602", }, { cve: "CVE-2022-2588", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-2588", }, { cve: "CVE-2022-2586", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-2586", }, { cve: "CVE-2022-2585", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-2585", }, { cve: "CVE-2022-2503", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-2503", }, { cve: "CVE-2022-2327", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-2327", }, { cve: "CVE-2022-23219", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-23219", }, { cve: "CVE-2022-23218", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-23218", }, { cve: "CVE-2022-2274", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-2274", }, { cve: "CVE-2022-2153", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-2153", }, { cve: "CVE-2022-21505", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-21505", }, { cve: "CVE-2022-21233", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-21233", }, { cve: "CVE-2022-21166", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-21166", }, { cve: "CVE-2022-21125", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-21125", }, { cve: "CVE-2022-21123", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-21123", }, { cve: "CVE-2022-2097", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-2097", }, { cve: "CVE-2022-2078", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-2078", }, { cve: "CVE-2022-2068", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-2068", }, { cve: "CVE-2022-20572", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-20572", }, { cve: "CVE-2022-20566", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-20566", }, { cve: "CVE-2022-20422", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-20422", }, { cve: "CVE-2022-20421", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-20421", }, { cve: "CVE-2022-1882", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-1882", }, { cve: "CVE-2022-1852", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-1852", }, { cve: "CVE-2022-1679", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-1679", }, { cve: "CVE-2022-1473", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-1473", }, { cve: "CVE-2022-1462", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-1462", }, { cve: "CVE-2022-1434", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-1434", }, { cve: "CVE-2022-1343", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-1343", }, { cve: "CVE-2022-1292", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-1292", }, { cve: "CVE-2022-1184", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-1184", }, { cve: "CVE-2022-1012", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-1012", }, { cve: "CVE-2022-0171", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2022-0171", }, { cve: "CVE-2021-42386", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-42386", }, { cve: "CVE-2021-42385", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-42385", }, { cve: "CVE-2021-42384", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-42384", }, { cve: "CVE-2021-42383", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-42383", }, { cve: "CVE-2021-42382", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-42382", }, { cve: "CVE-2021-42381", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-42381", }, { cve: "CVE-2021-42380", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-42380", }, { cve: "CVE-2021-42379", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-42379", }, { cve: "CVE-2021-42378", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-42378", }, { cve: "CVE-2021-42377", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-42377", }, { cve: "CVE-2021-42376", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-42376", }, { cve: "CVE-2021-42375", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-42375", }, { cve: "CVE-2021-42374", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-42374", }, { cve: "CVE-2021-42373", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-42373", }, { cve: "CVE-2021-4037", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-4037", }, { cve: "CVE-2021-3999", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-3999", }, { cve: "CVE-2021-3998", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-3998", }, { cve: "CVE-2021-38604", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-38604", }, { cve: "CVE-2021-3759", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-3759", }, { cve: "CVE-2021-35942", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-35942", }, { cve: "CVE-2021-33655", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-33655", }, { cve: "CVE-2021-33574", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-33574", }, { cve: "CVE-2021-3326", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-3326", }, { cve: "CVE-2021-28831", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-28831", }, { cve: "CVE-2021-27645", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-27645", }, { cve: "CVE-2021-20269", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2021-20269", }, { cve: "CVE-2020-29562", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2020-29562", }, { cve: "CVE-2020-27618", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2020-27618", }, { cve: "CVE-2020-1752", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2020-1752", }, { cve: "CVE-2020-10029", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2020-10029", }, { cve: "CVE-2019-25013", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2019-25013", }, { cve: "CVE-2018-13405", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2018-13405", }, { cve: "CVE-2016-10228", notes: [ { category: "description", text: "In Siemens SIMATIC S7 existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von unzulässigen Einschränkungen, Pufferüberläufen, fehlenden Freigaben und use-after-free-Problemen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.", }, ], product_status: { known_affected: [ "T000126", "T028071", ], }, release_date: "2023-06-12T22:00:00.000+00:00", title: "CVE-2016-10228", }, ], }
WID-SEC-W-2022-2322
Vulnerability from csaf_certbund
Published
2022-12-13 23:00
Modified
2023-07-26 22:00
Summary
Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff
Ein lokaler Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
{ document: { aggregate_severity: { text: "niedrig", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Der Kernel stellt den Kern des Linux Betriebssystems dar.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein lokaler Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen.", title: "Angriff", }, { category: "general", text: "- Linux", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2022-2322 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-2322.json", }, { category: "self", summary: "WID-SEC-2022-2322 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-2322", }, { category: "external", summary: "Ubuntu Security Notice USN-6256-1 vom 2023-07-26", url: "https://ubuntu.com/security/notices/USN-6256-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6235-1 vom 2023-07-18", url: "https://ubuntu.com/security/notices/USN-6235-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6222-1 vom 2023-07-12", url: "https://ubuntu.com/security/notices/USN-6222-1", }, { category: "external", summary: "IBM Security Bulletin 7005925 vom 2023-06-21", url: "https://www.ibm.com/support/pages/node/7005925", }, { category: "external", summary: "Ubuntu Security Notice USN-6093-1 vom 2023-05-22", url: "https://ubuntu.com/security/notices/USN-6093-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6027-1 vom 2023-04-19", url: "https://ubuntu.com/security/notices/USN-6027-1", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2023-12256 vom 2023-04-17", url: "https://linux.oracle.com/errata/ELSA-2023-12256.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2023-12255 vom 2023-04-17", url: "https://linux.oracle.com/errata/ELSA-2023-12255.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2023-12242 vom 2023-04-10", url: "http://linux.oracle.com/errata/ELSA-2023-12242.html", }, { category: "external", summary: "Ubuntu Security Notice USN-6001-1 vom 2023-04-06", url: "https://ubuntu.com/security/notices/USN-6001-1", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:0618-1 vom 2023-03-06", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-March/013976.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:0591-1 vom 2023-03-02", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-March/013959.html", }, { category: "external", summary: "RedHat Bugzilla vom 2022-12-13", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2153052", }, { category: "external", summary: "RedHat Bugzilla vom 2022-12-13", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2153053", }, { category: "external", summary: "RedHat Bugzilla vom 2022-12-13", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2153054", }, { category: "external", summary: "RedHat Bugzilla vom 2022-12-13", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2153055", }, { category: "external", summary: "RedHat Bugzilla vom 2022-12-13", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2153058", }, { category: "external", summary: "RedHat Bugzilla vom 2022-12-13", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2153059", }, { category: "external", summary: "RedHat Bugzilla vom 2022-12-13", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2153060", }, { category: "external", summary: "RedHat Bugzilla vom 2022-12-13", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2153062", }, { category: "external", summary: "RedHat Bugzilla vom 2022-12-13", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2153066", }, { category: "external", summary: "RedHat Bugzilla vom 2022-12-13", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2153067", }, { category: "external", summary: "RedHat Bugzilla vom 2022-12-13", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2153068", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:4617-1 vom 2022-12-23", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-December/013342.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:0134-1 vom 2023-01-25", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-January/013523.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:0146-1 vom 2023-01-26", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-January/013527.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:0147-1 vom 2023-01-26", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-January/013528.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:0148-1 vom 2023-01-26", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-January/013532.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:0152-1 vom 2023-01-26", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-January/013530.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:0149-1 vom 2023-01-26", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-January/013529.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:0410-1 vom 2023-02-14", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-February/013764.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:0406-1 vom 2023-02-14", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-February/013757.html", }, ], source_lang: "en-US", title: "Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff", tracking: { current_release_date: "2023-07-26T22:00:00.000+00:00", generator: { date: "2024-08-15T17:39:58.280+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2022-2322", initial_release_date: "2022-12-13T23:00:00.000+00:00", revision_history: [ { date: "2022-12-13T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2022-12-26T23:00:00.000+00:00", number: "2", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-01-25T23:00:00.000+00:00", number: "3", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-01-26T23:00:00.000+00:00", number: "4", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-02-14T23:00:00.000+00:00", number: "5", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-03-02T23:00:00.000+00:00", number: "6", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-03-06T23:00:00.000+00:00", number: "7", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-04-05T22:00:00.000+00:00", number: "8", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-04-10T22:00:00.000+00:00", number: "9", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2023-04-17T22:00:00.000+00:00", number: "10", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2023-04-19T22:00:00.000+00:00", number: "11", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-05-22T22:00:00.000+00:00", number: "12", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-06-21T22:00:00.000+00:00", number: "13", summary: "Neue Updates von IBM aufgenommen", }, { date: "2023-07-12T22:00:00.000+00:00", number: "14", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-07-18T22:00:00.000+00:00", number: "15", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-07-26T22:00:00.000+00:00", number: "16", summary: "Neue Updates von Ubuntu aufgenommen", }, ], status: "final", version: "16", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "IBM Spectrum Protect Plus 10.1", product: { name: "IBM Spectrum Protect Plus 10.1", product_id: "T015895", product_identification_helper: { cpe: "cpe:/a:ibm:spectrum_protect:plus_10.1", }, }, }, ], category: "vendor", name: "IBM", }, { branches: [ { category: "product_name", name: "Open Source Linux Kernel < 5.17-rc6", product: { name: "Open Source Linux Kernel < 5.17-rc6", product_id: "T025608", product_identification_helper: { cpe: "cpe:/o:linux:linux_kernel:5.17-rc6", }, }, }, ], category: "vendor", name: "Open Source", }, { branches: [ { category: "product_name", name: "Oracle Linux", product: { name: "Oracle Linux", product_id: "T004914", product_identification_helper: { cpe: "cpe:/o:oracle:linux:-", }, }, }, ], category: "vendor", name: "Oracle", }, { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, ], category: "vendor", name: "SUSE", }, { branches: [ { category: "product_name", name: "Ubuntu Linux", product: { name: "Ubuntu Linux", product_id: "T000126", product_identification_helper: { cpe: "cpe:/o:canonical:ubuntu_linux:-", }, }, }, ], category: "vendor", name: "Ubuntu", }, ], }, vulnerabilities: [ { cve: "CVE-2022-3104", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen im Linux Kernel. Ungenügende Überprüfungen von Rückgabewerten an verschiedenen Stellen führt zu Nullzeiger Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "T000126", "T015895", "T004914", ], }, release_date: "2022-12-13T23:00:00.000+00:00", title: "CVE-2022-3104", }, { cve: "CVE-2022-3105", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen im Linux Kernel. Ungenügende Überprüfungen von Rückgabewerten an verschiedenen Stellen führt zu Nullzeiger Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "T000126", "T015895", "T004914", ], }, release_date: "2022-12-13T23:00:00.000+00:00", title: "CVE-2022-3105", }, { cve: "CVE-2022-3106", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen im Linux Kernel. Ungenügende Überprüfungen von Rückgabewerten an verschiedenen Stellen führt zu Nullzeiger Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "T000126", "T015895", "T004914", ], }, release_date: "2022-12-13T23:00:00.000+00:00", title: "CVE-2022-3106", }, { cve: "CVE-2022-3107", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen im Linux Kernel. Ungenügende Überprüfungen von Rückgabewerten an verschiedenen Stellen führt zu Nullzeiger Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "T000126", "T015895", "T004914", ], }, release_date: "2022-12-13T23:00:00.000+00:00", title: "CVE-2022-3107", }, { cve: "CVE-2022-3108", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen im Linux Kernel. Ungenügende Überprüfungen von Rückgabewerten an verschiedenen Stellen führt zu Nullzeiger Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "T000126", "T015895", "T004914", ], }, release_date: "2022-12-13T23:00:00.000+00:00", title: "CVE-2022-3108", }, { cve: "CVE-2022-3110", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen im Linux Kernel. Ungenügende Überprüfungen von Rückgabewerten an verschiedenen Stellen führt zu Nullzeiger Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "T000126", "T015895", "T004914", ], }, release_date: "2022-12-13T23:00:00.000+00:00", title: "CVE-2022-3110", }, { cve: "CVE-2022-3111", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen im Linux Kernel. Ungenügende Überprüfungen von Rückgabewerten an verschiedenen Stellen führt zu Nullzeiger Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "T000126", "T015895", "T004914", ], }, release_date: "2022-12-13T23:00:00.000+00:00", title: "CVE-2022-3111", }, { cve: "CVE-2022-3112", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen im Linux Kernel. Ungenügende Überprüfungen von Rückgabewerten an verschiedenen Stellen führt zu Nullzeiger Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "T000126", "T015895", "T004914", ], }, release_date: "2022-12-13T23:00:00.000+00:00", title: "CVE-2022-3112", }, { cve: "CVE-2022-3113", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen im Linux Kernel. Ungenügende Überprüfungen von Rückgabewerten an verschiedenen Stellen führt zu Nullzeiger Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "T000126", "T015895", "T004914", ], }, release_date: "2022-12-13T23:00:00.000+00:00", title: "CVE-2022-3113", }, { cve: "CVE-2022-3114", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen im Linux Kernel. Ungenügende Überprüfungen von Rückgabewerten an verschiedenen Stellen führt zu Nullzeiger Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "T000126", "T015895", "T004914", ], }, release_date: "2022-12-13T23:00:00.000+00:00", title: "CVE-2022-3114", }, { cve: "CVE-2022-3115", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen im Linux Kernel. Ungenügende Überprüfungen von Rückgabewerten an verschiedenen Stellen führt zu Nullzeiger Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "T000126", "T015895", "T004914", ], }, release_date: "2022-12-13T23:00:00.000+00:00", title: "CVE-2022-3115", }, ], }
icsa-23-166-11
Vulnerability from csaf_cisa
Published
2023-06-13 00:00
Modified
2024-04-09 00:00
Summary
Siemens SIMATIC S7-1500 TM MFP Linux Kernel
Notes
Summary
Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.0.
Siemens has released a new version for SIMATIC S7-1500 TM MFP - GNU/Linux subsystem and recommends to update to the latest version.
This advisory lists vulnerabilities for firmware version V1.0 only; for V1.1 refer to Siemens Security Advisory SSA-265688 (
https://cert-portal.siemens.com/productcert/html/ssa-265688.html).
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer
This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
{ document: { acknowledgments: [ { organization: "Siemens ProductCERT", summary: "reporting these vulnerabilities to CISA.", }, ], category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited", tlp: { label: "WHITE", url: "https://us-cert.cisa.gov/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.0.\n\nSiemens has released a new version for SIMATIC S7-1500 TM MFP - GNU/Linux subsystem and recommends to update to the latest version.\n\nThis advisory lists vulnerabilities for firmware version V1.0 only; for V1.1 refer to Siemens Security Advisory SSA-265688 (\nhttps://cert-portal.siemens.com/productcert/html/ssa-265688.html).", title: "Summary", }, { category: "general", text: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", title: "General Recommendations", }, { category: "general", text: "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "legal_disclaimer", text: "Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.", title: "Terms of Use", }, { category: "legal_disclaimer", text: "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", title: "Legal Notice", }, { category: "other", text: "This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.", title: "Advisory Conversion Disclaimer", }, { category: "other", text: "Multiple", title: "Critical infrastructure sectors", }, { category: "other", text: "Worldwide", title: "Countries/areas deployed", }, { category: "other", text: "Germany", title: "Company headquarters location", }, { category: "general", text: "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.", title: "Recommended Practices", }, { category: "general", text: "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.", title: "Recommended Practices", }, { category: "general", text: "Locate control system networks and remote devices behind firewalls and isolate them from business networks.", title: "Recommended Practices", }, { category: "general", text: "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.", title: "Recommended Practices", }, { category: "general", text: "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", title: "Recommended Practices", }, { category: "general", text: "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", title: "Recommended Practices", }, { category: "general", text: "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", title: "Recommended Practices", }, { category: "general", text: "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", title: "Recommended Practices", }, ], publisher: { category: "other", contact_details: "central@cisa.dhs.gov", name: "CISA", namespace: "https://www.cisa.gov/", }, references: [ { category: "self", summary: "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - CSAF Version", url: "https://cert-portal.siemens.com/productcert/csaf/ssa-794697.json", }, { category: "self", summary: "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - HTML Version", url: "https://cert-portal.siemens.com/productcert/html/ssa-794697.html", }, { category: "self", summary: "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - PDF Version", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf", }, { category: "self", summary: "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - TXT Version", url: "https://cert-portal.siemens.com/productcert/txt/ssa-794697.txt", }, { category: "self", summary: "ICS Advisory ICSA-23-166-11 JSON", url: "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2023/icsa-23-166-11.json", }, { category: "self", summary: "ICS Advisory ICSA-23-166-11 - Web Version", url: "https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/topics/industrial-control-systems", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B", }, ], title: "Siemens SIMATIC S7-1500 TM MFP Linux Kernel", tracking: { current_release_date: "2024-04-09T00:00:00.000000Z", generator: { engine: { name: "CISA CSAF Generator", version: "1.0.0", }, }, id: "ICSA-23-166-11", initial_release_date: "2023-06-13T00:00:00.000000Z", revision_history: [ { date: "2023-06-13T00:00:00.000000Z", legacy_version: "1.0", number: "1", summary: "Publication Date", }, { date: "2023-07-11T00:00:00.000000Z", legacy_version: "1.1", number: "2", summary: "Added CVE-2022-4269, CVE-2023-3141, CVE-2023-3268, CVE-2023-31436, CVE-2023-32233", }, { date: "2023-08-08T00:00:00.000000Z", legacy_version: "1.2", number: "3", summary: "Added CVE-2023-3446, CVE-2023-3389, CVE-2022-1015, \r\nCVE-2023-3609", }, { date: "2023-09-12T00:00:00.000000Z", legacy_version: "1.3", number: "4", summary: "Added CVE-2023-3338", }, { date: "2023-11-14T00:00:00.000000Z", legacy_version: "1.4", number: "5", summary: "Added CVE-2023-1206, CVE-2023-2898, CVE-2023-3610, CVE-2023-3611, CVE-2023-3772, CVE-2023-3773, CVE-2023-3777, CVE-2023-4004, CVE-2023-4015, CVE-2023-4273, CVE-2023-4623, CVE-2023-4921, CVE-2023-35001, CVE-2023-37453, CVE-2023-39192, CVE-2023-39193, CVE-2023-39194, CVE-2023-42753, CVE-2023-42755", }, { date: "2023-12-12T00:00:00.000000Z", legacy_version: "1.5", number: "6", summary: "Added CVE-2021-44879, CVE-2023-5178, CVE-2023-5197, CVE-2023-5678, CVE-2023-5717, CVE-2023-31085, CVE-2023-35827, CVE-2023-39189, CVE-2023-42754, CVE-2023-45863, CVE-2023-45871", }, { date: "2024-01-09T00:00:00.000000Z", legacy_version: "1.6", number: "7", summary: "Added CVE-2023-48795", }, { date: "2024-02-13T00:00:00.000000Z", legacy_version: "1.7", number: "8", summary: "Added CVE-2020-12762, CVE-2023-6606, CVE-2023-6931, CVE-2023-6932, CVE-2023-7008, CVE-2023-7104, CVE-2023-36660, CVE-2023-50495, CVE-2023-51384, CVE-2023-51385, CVE-2023-51767, CVE-2024-0232, CVE-2024-0553, CVE-2024-0567, CVE-2024-0584, CVE-2024-0684, CVE-2024-22365, CVE-2024-25062", }, { date: "2024-04-09T00:00:00.000000Z", legacy_version: "1.8", number: "9", summary: "Added fix for SIMATIC S7-1500 TM MFP - GNU/Linux subsystem", }, ], status: "final", version: "9", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "<V1.1", product: { name: "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem", product_id: "CSAFPID-0001", }, }, ], category: "product_name", name: "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem", }, ], category: "vendor", name: "Siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2020-12762", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2020-12762", }, { cve: "CVE-2021-3759", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "A memory overflow vulnerability was found in the Linux kernel’s ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2021-3759", }, { cve: "CVE-2021-4037", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "summary", text: "A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions granted in case when they should not. This vulnerability is similar to the previous CVE-2018-13405 and adds the missed fix for the XFS.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2021-4037", }, { cve: "CVE-2021-33655", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2021-33655", }, { cve: "CVE-2021-44879", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2021-44879", }, { cve: "CVE-2022-0171", cwe: { id: "CWE-459", name: "Incomplete Cleanup", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV).", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-0171", }, { cve: "CVE-2022-1012", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, notes: [ { category: "summary", text: "A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-1012", }, { cve: "CVE-2022-1015", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds write issue.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-1015", }, { cve: "CVE-2022-1184", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-1184", }, { cve: "CVE-2022-1292", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "summary", text: "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-1292", }, { cve: "CVE-2022-1343", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, notes: [ { category: "summary", text: "Under certain circumstances, the command line OCSP verify function reports successful verification when the verification in fact failed. In this case the incorrect successful response will also be accompanied by error messages showing the failure and contradicting the apparently successful result.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-1343", }, { cve: "CVE-2022-1434", cwe: { id: "CWE-327", name: "Use of a Broken or Risky Cryptographic Algorithm", }, notes: [ { category: "summary", text: "When using the RC4-MD5 ciphersuite, which is disabled by default, an attacker is able to modify data in transit due to an incorrect use of the AAD data as the MAC key in OpenSSL 3.0. An attacker is not able to decrypt any communication.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-1434", }, { cve: "CVE-2022-1462", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local user to crash the system or read unauthorized random data from memory.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-1462", }, { cve: "CVE-2022-1473", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "summary", text: "The used OpenSSL version improperly reuses memory when decoding certificates or keys. This can lead to a process termination and Denial of Service for long lived processes.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-1473", }, { cve: "CVE-2022-1679", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-1679", }, { cve: "CVE-2022-1852", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A NULL pointer dereference flaw was found in the Linux kernel’s KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-1852", }, { cve: "CVE-2022-1882", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-1882", }, { cve: "CVE-2022-2068", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "summary", text: "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-2068", }, { cve: "CVE-2022-2078", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, notes: [ { category: "summary", text: "A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-2078", }, { cve: "CVE-2022-2097", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, notes: [ { category: "summary", text: "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of \"in place\" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-2097", }, { cve: "CVE-2022-2153", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-2153", }, { cve: "CVE-2022-2274", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048 bit RSA private keys running on machines supporting AVX512IFMA instructions of the X86_64 architecture are affected by this issue.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-2274", }, { cve: "CVE-2022-2327", cwe: { id: "CWE-415", name: "Double Free", }, notes: [ { category: "summary", text: "io_uring use work_flags to determine which identity need to grab from the calling process to make sure it is consistent with the calling process when executing IORING_OP. Some operations are missing some types, which can lead to incorrect reference counts which can then lead to a double free. We recommend upgrading the kernel past commit df3f3bb5059d20ef094d6b2f0256c4bf4127a859", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-2327", }, { cve: "CVE-2022-2503", cwe: { id: "CWE-287", name: "Improper Authentication", }, notes: [ { category: "summary", text: "Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equivalent dm-linear target and bypass verification till reboot. This allows root to bypass LoadPin and can be used to load untrusted and unverified kernel modules and firmware, which implies arbitrary kernel execution and persistence for peripherals that do not verify firmware updates. We recommend upgrading past commit 4caae58406f8ceb741603eee460d79bacca9b1b5", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-2503", }, { cve: "CVE-2022-2586", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in nf_tables cross-table in the net/netfilter/nf_tables_api.c function in the Linux kernel. This flaw allows a local, privileged attacker to cause a use-after-free problem at the time of table deletion, possibly leading to local privilege escalation.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-2586", }, { cve: "CVE-2022-2588", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-2588", }, { cve: "CVE-2022-2602", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel. A race issue occurs between an io_uring request and the Unix socket garbage collector, allowing an attacker local privilege escalation.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-2602", }, { cve: "CVE-2022-2663", cwe: { id: "CWE-923", name: "Improper Restriction of Communication Channel to Intended Endpoints", }, notes: [ { category: "summary", text: "An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-2663", }, { cve: "CVE-2022-2905", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-2905", }, { cve: "CVE-2022-2959", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "A race condition was found in the Linux kernel's watch queue due to a missing lock in pipe_resize_ring(). The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the system or escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-2959", }, { cve: "CVE-2022-2978", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-2978", }, { cve: "CVE-2022-3028", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3028", }, { cve: "CVE-2022-3104", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3104", }, { cve: "CVE-2022-3115", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3115", }, { cve: "CVE-2022-3169", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting in a PCIe link disconnect.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3169", }, { cve: "CVE-2022-3303", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3303", }, { cve: "CVE-2022-3521", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VDB-211018 is the identifier assigned to this vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 2.5, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3521", }, { cve: "CVE-2022-3524", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "summary", text: "A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211021 was assigned to this vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3524", }, { cve: "CVE-2022-3534", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A vulnerability classified as critical has been found in Linux Kernel. Affected is the function btf_dump_name_dups of the file tools/lib/bpf/btf_dump.c of the component libbpf. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211032.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3534", }, { cve: "CVE-2022-3545", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "summary", text: "A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3545", }, { cve: "CVE-2022-3564", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "summary", text: "A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3564", }, { cve: "CVE-2022-3565", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "summary", text: "A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3565", }, { cve: "CVE-2022-3586", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3586", }, { cve: "CVE-2022-3594", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "summary", text: "A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3594", }, { cve: "CVE-2022-3606", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A vulnerability was found in Linux Kernel. It has been classified as problematic. This affects the function find_prog_by_sec_insn of the file tools/lib/bpf/libbpf.c of the component BPF. The manipulation leads to null pointer dereference. It is recommended to apply a patch to fix this issue. The identifier VDB-211749 was assigned to this vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3606", }, { cve: "CVE-2022-3621", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211920.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3621", }, { cve: "CVE-2022-3625", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "summary", text: "A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211929 was assigned to this vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3625", }, { cve: "CVE-2022-3628", cwe: { id: "CWE-120", name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, notes: [ { category: "summary", text: "A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. This can allow a local user to crash the system or escalate their privileges.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3628", }, { cve: "CVE-2022-3629", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, notes: [ { category: "summary", text: "A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211930 is the identifier assigned to this vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3629", }, { cve: "CVE-2022-3633", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, notes: [ { category: "summary", text: "A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function j1939_session_destroy of the file net/can/j1939/transport.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211932.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3633", }, { cve: "CVE-2022-3635", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "summary", text: "A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. VDB-211934 is the identifier assigned to this vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3635", }, { cve: "CVE-2022-3646", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "summary", text: "A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3646", }, { cve: "CVE-2022-3649", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "summary", text: "A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211992.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3649", }, { cve: "CVE-2022-4095", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c, allowing an attacker to launch a local denial of service attack and gain escalation of privileges.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-4095", }, { cve: "CVE-2022-4129", cwe: { id: "CWE-667", name: "Improper Locking", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-4129", }, { cve: "CVE-2022-4139", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, notes: [ { category: "summary", text: "An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-4139", }, { cve: "CVE-2022-4269", cwe: { id: "CWE-833", name: "Deadlock", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action \"mirred\") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in use (TCP or SCTP) does a retransmission, resulting in a denial of service condition.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-4269", }, { cve: "CVE-2022-4304", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, notes: [ { category: "summary", text: "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-4304", }, { cve: "CVE-2022-4450", cwe: { id: "CWE-415", name: "Double Free", }, notes: [ { category: "summary", text: "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the \"name\" (e.g. \"CERTIFICATE\"), any header data and the payload data. If the function succeeds then the \"name_out\", \"header\" and \"data\" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-4450", }, { cve: "CVE-2022-4662", cwe: { id: "CWE-455", name: "Non-exit on Failed Initialization", }, notes: [ { category: "summary", text: "A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-4662", }, { cve: "CVE-2022-20421", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239630375References: Upstream kernel", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-20421", }, { cve: "CVE-2022-20422", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "In emulation_proc_handler of armv8_deprecated.c, there is a possible way to corrupt memory due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237540956References: Upstream kernel", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-20422", }, { cve: "CVE-2022-20566", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "In l2cap_chan_put of l2cap_core, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-165329981References: Upstream kernel", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-20566", }, { cve: "CVE-2022-20572", cwe: { id: "CWE-863", name: "Incorrect Authorization", }, notes: [ { category: "summary", text: "In verity_target of dm-verity-target.c, there is a possible way to modify read-only files due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-234475629References: Upstream kernel", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-20572", }, { cve: "CVE-2022-21123", cwe: { id: "CWE-459", name: "Incomplete Cleanup", }, notes: [ { category: "summary", text: "Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-21123", }, { cve: "CVE-2022-21125", cwe: { id: "CWE-459", name: "Incomplete Cleanup", }, notes: [ { category: "summary", text: "Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-21125", }, { cve: "CVE-2022-21166", cwe: { id: "CWE-459", name: "Incomplete Cleanup", }, notes: [ { category: "summary", text: "Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-21166", }, { cve: "CVE-2022-21505", cwe: { id: "CWE-305", name: "Authentication Bypass by Primary Weakness", }, notes: [ { category: "summary", text: "A bug in the IMA subsystem was discovered which would incorrectly allow kexec to be used when kernel lockdown was enabled", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-21505", }, { cve: "CVE-2022-26373", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-26373", }, { cve: "CVE-2022-32250", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-32250", }, { cve: "CVE-2022-32296", cwe: { id: "CWE-203", name: "Observable Discrepancy", }, notes: [ { category: "summary", text: "The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 (\"Double-Hash Port Selection Algorithm\") of RFC 6056.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-32296", }, { cve: "CVE-2022-34918", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-34918", }, { cve: "CVE-2022-36123", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-36123", }, { cve: "CVE-2022-36280", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-36280", }, { cve: "CVE-2022-36879", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-36879", }, { cve: "CVE-2022-36946", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-36946", }, { cve: "CVE-2022-39188", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-39188", }, { cve: "CVE-2022-39190", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-39190", }, { cve: "CVE-2022-40307", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-40307", }, { cve: "CVE-2022-40768", cwe: { id: "CWE-668", name: "Exposure of Resource to Wrong Sphere", }, notes: [ { category: "summary", text: "drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-40768", }, { cve: "CVE-2022-41218", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-41218", }, { cve: "CVE-2022-41222", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-41222", }, { cve: "CVE-2022-41674", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-41674", }, { cve: "CVE-2022-41849", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-41849", }, { cve: "CVE-2022-41850", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-41850", }, { cve: "CVE-2022-42328", cwe: { id: "CWE-667", name: "Improper Locking", }, notes: [ { category: "summary", text: "Guests can trigger deadlock in Linux netback driver [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329).", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-42328", }, { cve: "CVE-2022-42329", cwe: { id: "CWE-667", name: "Improper Locking", }, notes: [ { category: "summary", text: "Guests can trigger deadlock in Linux netback drive. The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329).", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-42329", }, { cve: "CVE-2022-42432", cwe: { id: "CWE-457", name: "Use of Uninitialized Variable", }, notes: [ { category: "summary", text: "This vulnerability allows local attackers to disclose sensitive information on affected installations of the Linux Kernel 6.0-rc2. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the nft_osf_eval function. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the kernel. Was ZDI-CAN-18540.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-42432", }, { cve: "CVE-2022-42703", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-42703", }, { cve: "CVE-2022-42719", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-42719", }, { cve: "CVE-2022-42720", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-42720", }, { cve: "CVE-2022-42721", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, notes: [ { category: "summary", text: "A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-42721", }, { cve: "CVE-2022-42722", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-42722", }, { cve: "CVE-2022-42895", cwe: { id: "CWE-824", name: "Access of Uninitialized Pointer", }, notes: [ { category: "summary", text: "There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_parse_conf_req function which can be used to leak kernel pointers remotely. We recommend upgrading past commit https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba3157a2e", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-42895", }, { cve: "CVE-2022-42896", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim. We recommend upgrading past commit https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-42896", }, { cve: "CVE-2022-43750", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor's internal memory.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-43750", }, { cve: "CVE-2022-47518", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when copying the list of operating channels from Wi-Fi management frames.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-47518", }, { cve: "CVE-2022-47520", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-47520", }, { cve: "CVE-2022-47929", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with \"tc qdisc\" and \"tc class\" commands. This affects qdisc_graft in net/sched/sch_api.c.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-47929", }, { cve: "CVE-2022-47946", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel 5.10.x before 5.10.155. A use-after-free in io_sqpoll_wait_sq in fs/io_uring.c allows an attacker to crash the kernel, resulting in denial of service. finish_wait can be skipped. An attack can occur in some situations by forking a process and then quickly terminating it. NOTE: later kernel versions, such as the 5.15 longterm series, substantially changed the implementation of io_sqpoll_wait_sq.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-47946", }, { cve: "CVE-2023-0215", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL cms and smime command line applications are similarly affected.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-0215", }, { cve: "CVE-2023-0286", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-0286", }, { cve: "CVE-2023-0464", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, notes: [ { category: "summary", text: "A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems.\r\n\r\nPolicy processing is disabled by default but can be enabled by passing the `-policy` argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()` function.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-0464", }, { cve: "CVE-2023-0465", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, notes: [ { category: "summary", text: "Applications that use a non-default option when verifying certificates may be\r\nvulnerable to an attack from a malicious CA to circumvent certain checks.\r\n\r\nInvalid certificate policies in leaf certificates are silently ignored by\r\nOpenSSL and other certificate policy checks are skipped for that certificate.\r\nA malicious CA could use this to deliberately assert invalid certificate policies\r\nin order to circumvent policy checking on the certificate altogether.\r\n\r\nPolicy processing is disabled by default but can be enabled by passing\r\nthe `-policy` argument to the command line utilities or by calling the\r\n`X509_VERIFY_PARAM_set1_policies()` function.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-0465", }, { cve: "CVE-2023-0466", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, notes: [ { category: "summary", text: "The function X509_VERIFY_PARAM_add0_policy() is documented to\nimplicitly enable the certificate policy check when doing certificate\nverification. However the implementation of the function does not\nenable the check which allows certificates with invalid or incorrect\npolicies to pass the certificate verification.\n\nAs suddenly enabling the policy check could break existing deployments it was\ndecided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy()\nfunction.\n\nInstead the applications that require OpenSSL to perform certificate\npolicy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly\nenable the policy check by calling X509_VERIFY_PARAM_set_flags() with\nthe X509_V_FLAG_POLICY_CHECK flag argument.\n\nCertificate policy checks are disabled by default in OpenSSL and are not\ncommonly used by applications.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-0466", }, { cve: "CVE-2023-0590", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (\"net: sched: fix race condition in qdisc_graft()\") not applied yet, then kernel could be affected.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-0590", }, { cve: "CVE-2023-1077", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "summary", text: "In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-1077", }, { cve: "CVE-2023-1095", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list -- the list head is all zeroes, this results in a NULL pointer dereference.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-1095", }, { cve: "CVE-2023-1206", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-1206", }, { cve: "CVE-2023-2898", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user to cause a denial of service problem.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-2898", }, { cve: "CVE-2023-3141", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-3141", }, { cve: "CVE-2023-3268", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-3268", }, { cve: "CVE-2023-3338", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A null pointer dereference flaw was found in the Linux kernel's DECnet networking protocol. This issue could allow a remote user to crash the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-3338", }, { cve: "CVE-2023-3389", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Racing a io_uring cancel poll request with a linked timeout can cause a UAF in a hrtimer.\r\n\r\nWe recommend upgrading past commit `ef7dfac51d8ed961b742218f526bd589f3900a59` \r\n(`4716c73b188566865bdd79c3a6709696a224ac04` for 5.10 stable and \r\n`0e388fce7aec40992eadee654193cad345d62663` for 5.15 stable).", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-3389", }, { cve: "CVE-2023-3446", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, notes: [ { category: "summary", text: "Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus ('p' parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulernable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the '-check' option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-3446", }, { cve: "CVE-2023-3609", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation.\r\n\r\nIf tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-3609", }, { cve: "CVE-2023-3610", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.\r\n\r\nFlaw in the error handling of bound chains causes a use-after-free in the abort path of NFT_MSG_NEWRULE. The vulnerability requires CAP_NET_ADMIN to be triggered.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-3610", }, { cve: "CVE-2023-3611", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\r\n\r\nThe qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-3611", }, { cve: "CVE-2023-3772", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-3772", }, { cve: "CVE-2023-3773", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to cause a 4 byte out-of-bounds read of XFRMA_MTIMER_THRESH when parsing netlink attributes, leading to potential leakage of sensitive heap data to userspace.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-3773", }, { cve: "CVE-2023-3777", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nWhen nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release the objects in certain circumstances.\n\nWe recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-3777", }, { cve: "CVE-2023-4004", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-4004", }, { cve: "CVE-2023-4015", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "The netfilter subsystem in the Linux kernel did not properly handle bound chain deactivation in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-4015", }, { cve: "CVE-2023-4273", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, notes: [ { category: "summary", text: "This vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this vulnerability to overflow the kernel stack.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-4273", }, { cve: "CVE-2023-4623", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation.\n\nIf a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free.\n\nWe recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-4623", }, { cve: "CVE-2023-4911", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, notes: [ { category: "summary", text: "A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-4911", }, { cve: "CVE-2023-4921", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\n\nWhen the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrect .peek handler of sch_plug and lack of error checking in agg_dequeue().\n\nWe recommend upgrading past commit 8fc134fee27f2263988ae38920bc03da416b03d8.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-4921", }, { cve: "CVE-2023-5178", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a malicious local privileged user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation problem.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-5178", }, { cve: "CVE-2023-5197", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.\r\n\r\nAddition and removal of rules from chain bindings within the same transaction causes leads to use-after-free.\r\n\r\nWe recommend upgrading past commit f15f29fd4779be8a418b66e9d52979bb6d6c2325.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-5197", }, { cve: "CVE-2023-5678", cwe: { id: "CWE-754", name: "Improper Check for Unusual or Exceptional Conditions", }, notes: [ { category: "summary", text: "Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn't make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn't check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the \"-pubcheck\" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-5678", }, { cve: "CVE-2023-5717", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation.\r\n\r\nIf perf_read_group() is called while an event's sibling_list is smaller than its child's sibling_list, it can increment or write to memory locations outside of the allocated buffer.\r\n\r\nWe recommend upgrading past commit 32671e3799ca2e4590773fd0e63aaa4229e50c06.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-5717", }, { cve: "CVE-2023-6606", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-6606", }, { cve: "CVE-2023-6931", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escalation.\n\nA perf_event's read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group().\n\nWe recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-6931", }, { cve: "CVE-2023-6932", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation.\n\nA race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread.\n\nWe recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-6932", }, { cve: "CVE-2023-7008", cwe: { id: "CWE-300", name: "Channel Accessible by Non-Endpoint", }, notes: [ { category: "summary", text: "A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-7008", }, { cve: "CVE-2023-7104", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "summary", text: "A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-7104", }, { cve: "CVE-2023-23454", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "summary", text: "cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-23454", }, { cve: "CVE-2023-23455", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "summary", text: "atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-23455", }, { cve: "CVE-2023-23559", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-23559", }, { cve: "CVE-2023-26607", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-26607", }, { cve: "CVE-2023-31085", cwe: { id: "CWE-369", name: "Divide By Zero", }, notes: [ { category: "summary", text: "An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize), used indirectly by ctrl_cdev_ioctl, when mtd->erasesize is 0.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-31085", }, { cve: "CVE-2023-31436", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-31436", }, { cve: "CVE-2023-32233", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-32233", }, { cve: "CVE-2023-35001", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-35001", }, { cve: "CVE-2023-35827", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 6.3.8. A use-after-free was found in ravb_remove in drivers/net/ethernet/renesas/ravb_main.c.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-35827", }, { cve: "CVE-2023-36660", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-36660", }, { cve: "CVE-2023-37453", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in drivers/usb/core/sysfs.c.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-37453", }, { cve: "CVE-2023-39189", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-39189", }, { cve: "CVE-2023-39192", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a crash or information disclosure.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-39192", }, { cve: "CVE-2023-39193", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-39193", }, { cve: "CVE-2023-39194", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, potentially leading to an information disclosure.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 3.2, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-39194", }, { cve: "CVE-2023-42753", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-42753", }, { cve: "CVE-2023-42754", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-42754", }, { cve: "CVE-2023-42755", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-42755", }, { cve: "CVE-2023-45863", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-45863", }, { cve: "CVE-2023-45871", cwe: { id: "CWE-120", name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, notes: [ { category: "summary", text: "An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-45871", }, { cve: "CVE-2023-48795", cwe: { id: "CWE-222", name: "Truncation of Security-relevant Information", }, notes: [ { category: "summary", text: "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust; and there could be effects on Bitvise SSH through 9.31.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-48795", }, { cve: "CVE-2023-50495", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-50495", }, { cve: "CVE-2023-51384", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-51384", }, { cve: "CVE-2023-51385", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "summary", text: "In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-51385", }, { cve: "CVE-2023-51767", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-51767", }, { cve: "CVE-2024-0232", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2024-0232", }, { cve: "CVE-2024-0553", cwe: { id: "CWE-203", name: "Observable Discrepancy", }, notes: [ { category: "summary", text: "A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2024-0553", }, { cve: "CVE-2024-0567", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, notes: [ { category: "summary", text: "A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2024-0567", }, { cve: "CVE-2024-0584", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free issue was found in igmp_start_timer in net/ipv4/igmp.c in the network sub-component in the Linux Kernel. This flaw allows a local user to observe a refcnt use-after-free issue when receiving an igmp query packet, leading to a kernel information leak.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2024-0584", }, { cve: "CVE-2024-0684", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "summary", text: "A flaw was found in the GNU coreutils \"split\" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split() function, potentially leading to an application crash and denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2024-0684", }, { cve: "CVE-2024-22365", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2024-22365", }, { cve: "CVE-2024-25062", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2024-25062", }, ], }
ICSA-23-166-11
Vulnerability from csaf_cisa
Published
2023-06-13 00:00
Modified
2024-04-09 00:00
Summary
Siemens SIMATIC S7-1500 TM MFP Linux Kernel
Notes
Summary
Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.0.
Siemens has released a new version for SIMATIC S7-1500 TM MFP - GNU/Linux subsystem and recommends to update to the latest version.
This advisory lists vulnerabilities for firmware version V1.0 only; for V1.1 refer to Siemens Security Advisory SSA-265688 (
https://cert-portal.siemens.com/productcert/html/ssa-265688.html).
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer
This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
{ document: { acknowledgments: [ { organization: "Siemens ProductCERT", summary: "reporting these vulnerabilities to CISA.", }, ], category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited", tlp: { label: "WHITE", url: "https://us-cert.cisa.gov/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.0.\n\nSiemens has released a new version for SIMATIC S7-1500 TM MFP - GNU/Linux subsystem and recommends to update to the latest version.\n\nThis advisory lists vulnerabilities for firmware version V1.0 only; for V1.1 refer to Siemens Security Advisory SSA-265688 (\nhttps://cert-portal.siemens.com/productcert/html/ssa-265688.html).", title: "Summary", }, { category: "general", text: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", title: "General Recommendations", }, { category: "general", text: "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "legal_disclaimer", text: "Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.", title: "Terms of Use", }, { category: "legal_disclaimer", text: "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", title: "Legal Notice", }, { category: "other", text: "This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.", title: "Advisory Conversion Disclaimer", }, { category: "other", text: "Multiple", title: "Critical infrastructure sectors", }, { category: "other", text: "Worldwide", title: "Countries/areas deployed", }, { category: "other", text: "Germany", title: "Company headquarters location", }, { category: "general", text: "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.", title: "Recommended Practices", }, { category: "general", text: "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.", title: "Recommended Practices", }, { category: "general", text: "Locate control system networks and remote devices behind firewalls and isolate them from business networks.", title: "Recommended Practices", }, { category: "general", text: "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.", title: "Recommended Practices", }, { category: "general", text: "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", title: "Recommended Practices", }, { category: "general", text: "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", title: "Recommended Practices", }, { category: "general", text: "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", title: "Recommended Practices", }, { category: "general", text: "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", title: "Recommended Practices", }, ], publisher: { category: "other", contact_details: "central@cisa.dhs.gov", name: "CISA", namespace: "https://www.cisa.gov/", }, references: [ { category: "self", summary: "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - CSAF Version", url: "https://cert-portal.siemens.com/productcert/csaf/ssa-794697.json", }, { category: "self", summary: "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - HTML Version", url: "https://cert-portal.siemens.com/productcert/html/ssa-794697.html", }, { category: "self", summary: "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - PDF Version", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf", }, { category: "self", summary: "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - TXT Version", url: "https://cert-portal.siemens.com/productcert/txt/ssa-794697.txt", }, { category: "self", summary: "ICS Advisory ICSA-23-166-11 JSON", url: "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2023/icsa-23-166-11.json", }, { category: "self", summary: "ICS Advisory ICSA-23-166-11 - Web Version", url: "https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/topics/industrial-control-systems", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B", }, ], title: "Siemens SIMATIC S7-1500 TM MFP Linux Kernel", tracking: { current_release_date: "2024-04-09T00:00:00.000000Z", generator: { engine: { name: "CISA CSAF Generator", version: "1.0.0", }, }, id: "ICSA-23-166-11", initial_release_date: "2023-06-13T00:00:00.000000Z", revision_history: [ { date: "2023-06-13T00:00:00.000000Z", legacy_version: "1.0", number: "1", summary: "Publication Date", }, { date: "2023-07-11T00:00:00.000000Z", legacy_version: "1.1", number: "2", summary: "Added CVE-2022-4269, CVE-2023-3141, CVE-2023-3268, CVE-2023-31436, CVE-2023-32233", }, { date: "2023-08-08T00:00:00.000000Z", legacy_version: "1.2", number: "3", summary: "Added CVE-2023-3446, CVE-2023-3389, CVE-2022-1015, \r\nCVE-2023-3609", }, { date: "2023-09-12T00:00:00.000000Z", legacy_version: "1.3", number: "4", summary: "Added CVE-2023-3338", }, { date: "2023-11-14T00:00:00.000000Z", legacy_version: "1.4", number: "5", summary: "Added CVE-2023-1206, CVE-2023-2898, CVE-2023-3610, CVE-2023-3611, CVE-2023-3772, CVE-2023-3773, CVE-2023-3777, CVE-2023-4004, CVE-2023-4015, CVE-2023-4273, CVE-2023-4623, CVE-2023-4921, CVE-2023-35001, CVE-2023-37453, CVE-2023-39192, CVE-2023-39193, CVE-2023-39194, CVE-2023-42753, CVE-2023-42755", }, { date: "2023-12-12T00:00:00.000000Z", legacy_version: "1.5", number: "6", summary: "Added CVE-2021-44879, CVE-2023-5178, CVE-2023-5197, CVE-2023-5678, CVE-2023-5717, CVE-2023-31085, CVE-2023-35827, CVE-2023-39189, CVE-2023-42754, CVE-2023-45863, CVE-2023-45871", }, { date: "2024-01-09T00:00:00.000000Z", legacy_version: "1.6", number: "7", summary: "Added CVE-2023-48795", }, { date: "2024-02-13T00:00:00.000000Z", legacy_version: "1.7", number: "8", summary: "Added CVE-2020-12762, CVE-2023-6606, CVE-2023-6931, CVE-2023-6932, CVE-2023-7008, CVE-2023-7104, CVE-2023-36660, CVE-2023-50495, CVE-2023-51384, CVE-2023-51385, CVE-2023-51767, CVE-2024-0232, CVE-2024-0553, CVE-2024-0567, CVE-2024-0584, CVE-2024-0684, CVE-2024-22365, CVE-2024-25062", }, { date: "2024-04-09T00:00:00.000000Z", legacy_version: "1.8", number: "9", summary: "Added fix for SIMATIC S7-1500 TM MFP - GNU/Linux subsystem", }, ], status: "final", version: "9", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "<V1.1", product: { name: "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem", product_id: "CSAFPID-0001", }, }, ], category: "product_name", name: "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem", }, ], category: "vendor", name: "Siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2020-12762", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2020-12762", }, { cve: "CVE-2021-3759", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "A memory overflow vulnerability was found in the Linux kernel’s ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2021-3759", }, { cve: "CVE-2021-4037", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "summary", text: "A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions granted in case when they should not. This vulnerability is similar to the previous CVE-2018-13405 and adds the missed fix for the XFS.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2021-4037", }, { cve: "CVE-2021-33655", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2021-33655", }, { cve: "CVE-2021-44879", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2021-44879", }, { cve: "CVE-2022-0171", cwe: { id: "CWE-459", name: "Incomplete Cleanup", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV).", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-0171", }, { cve: "CVE-2022-1012", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, notes: [ { category: "summary", text: "A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-1012", }, { cve: "CVE-2022-1015", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds write issue.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-1015", }, { cve: "CVE-2022-1184", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-1184", }, { cve: "CVE-2022-1292", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "summary", text: "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-1292", }, { cve: "CVE-2022-1343", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, notes: [ { category: "summary", text: "Under certain circumstances, the command line OCSP verify function reports successful verification when the verification in fact failed. In this case the incorrect successful response will also be accompanied by error messages showing the failure and contradicting the apparently successful result.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-1343", }, { cve: "CVE-2022-1434", cwe: { id: "CWE-327", name: "Use of a Broken or Risky Cryptographic Algorithm", }, notes: [ { category: "summary", text: "When using the RC4-MD5 ciphersuite, which is disabled by default, an attacker is able to modify data in transit due to an incorrect use of the AAD data as the MAC key in OpenSSL 3.0. An attacker is not able to decrypt any communication.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-1434", }, { cve: "CVE-2022-1462", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local user to crash the system or read unauthorized random data from memory.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-1462", }, { cve: "CVE-2022-1473", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "summary", text: "The used OpenSSL version improperly reuses memory when decoding certificates or keys. This can lead to a process termination and Denial of Service for long lived processes.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-1473", }, { cve: "CVE-2022-1679", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-1679", }, { cve: "CVE-2022-1852", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A NULL pointer dereference flaw was found in the Linux kernel’s KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-1852", }, { cve: "CVE-2022-1882", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-1882", }, { cve: "CVE-2022-2068", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "summary", text: "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-2068", }, { cve: "CVE-2022-2078", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, notes: [ { category: "summary", text: "A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-2078", }, { cve: "CVE-2022-2097", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, notes: [ { category: "summary", text: "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of \"in place\" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-2097", }, { cve: "CVE-2022-2153", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-2153", }, { cve: "CVE-2022-2274", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048 bit RSA private keys running on machines supporting AVX512IFMA instructions of the X86_64 architecture are affected by this issue.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-2274", }, { cve: "CVE-2022-2327", cwe: { id: "CWE-415", name: "Double Free", }, notes: [ { category: "summary", text: "io_uring use work_flags to determine which identity need to grab from the calling process to make sure it is consistent with the calling process when executing IORING_OP. Some operations are missing some types, which can lead to incorrect reference counts which can then lead to a double free. We recommend upgrading the kernel past commit df3f3bb5059d20ef094d6b2f0256c4bf4127a859", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-2327", }, { cve: "CVE-2022-2503", cwe: { id: "CWE-287", name: "Improper Authentication", }, notes: [ { category: "summary", text: "Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equivalent dm-linear target and bypass verification till reboot. This allows root to bypass LoadPin and can be used to load untrusted and unverified kernel modules and firmware, which implies arbitrary kernel execution and persistence for peripherals that do not verify firmware updates. We recommend upgrading past commit 4caae58406f8ceb741603eee460d79bacca9b1b5", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-2503", }, { cve: "CVE-2022-2586", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in nf_tables cross-table in the net/netfilter/nf_tables_api.c function in the Linux kernel. This flaw allows a local, privileged attacker to cause a use-after-free problem at the time of table deletion, possibly leading to local privilege escalation.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-2586", }, { cve: "CVE-2022-2588", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-2588", }, { cve: "CVE-2022-2602", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel. A race issue occurs between an io_uring request and the Unix socket garbage collector, allowing an attacker local privilege escalation.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-2602", }, { cve: "CVE-2022-2663", cwe: { id: "CWE-923", name: "Improper Restriction of Communication Channel to Intended Endpoints", }, notes: [ { category: "summary", text: "An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-2663", }, { cve: "CVE-2022-2905", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-2905", }, { cve: "CVE-2022-2959", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "A race condition was found in the Linux kernel's watch queue due to a missing lock in pipe_resize_ring(). The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the system or escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-2959", }, { cve: "CVE-2022-2978", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-2978", }, { cve: "CVE-2022-3028", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3028", }, { cve: "CVE-2022-3104", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3104", }, { cve: "CVE-2022-3115", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3115", }, { cve: "CVE-2022-3169", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting in a PCIe link disconnect.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3169", }, { cve: "CVE-2022-3303", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3303", }, { cve: "CVE-2022-3521", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VDB-211018 is the identifier assigned to this vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 2.5, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3521", }, { cve: "CVE-2022-3524", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "summary", text: "A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211021 was assigned to this vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3524", }, { cve: "CVE-2022-3534", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A vulnerability classified as critical has been found in Linux Kernel. Affected is the function btf_dump_name_dups of the file tools/lib/bpf/btf_dump.c of the component libbpf. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211032.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3534", }, { cve: "CVE-2022-3545", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "summary", text: "A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3545", }, { cve: "CVE-2022-3564", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "summary", text: "A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3564", }, { cve: "CVE-2022-3565", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "summary", text: "A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3565", }, { cve: "CVE-2022-3586", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3586", }, { cve: "CVE-2022-3594", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "summary", text: "A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3594", }, { cve: "CVE-2022-3606", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A vulnerability was found in Linux Kernel. It has been classified as problematic. This affects the function find_prog_by_sec_insn of the file tools/lib/bpf/libbpf.c of the component BPF. The manipulation leads to null pointer dereference. It is recommended to apply a patch to fix this issue. The identifier VDB-211749 was assigned to this vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3606", }, { cve: "CVE-2022-3621", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211920.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3621", }, { cve: "CVE-2022-3625", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "summary", text: "A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211929 was assigned to this vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3625", }, { cve: "CVE-2022-3628", cwe: { id: "CWE-120", name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, notes: [ { category: "summary", text: "A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. This can allow a local user to crash the system or escalate their privileges.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3628", }, { cve: "CVE-2022-3629", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, notes: [ { category: "summary", text: "A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211930 is the identifier assigned to this vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3629", }, { cve: "CVE-2022-3633", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, notes: [ { category: "summary", text: "A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function j1939_session_destroy of the file net/can/j1939/transport.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211932.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3633", }, { cve: "CVE-2022-3635", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "summary", text: "A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. VDB-211934 is the identifier assigned to this vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3635", }, { cve: "CVE-2022-3646", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "summary", text: "A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3646", }, { cve: "CVE-2022-3649", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "summary", text: "A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211992.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-3649", }, { cve: "CVE-2022-4095", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c, allowing an attacker to launch a local denial of service attack and gain escalation of privileges.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-4095", }, { cve: "CVE-2022-4129", cwe: { id: "CWE-667", name: "Improper Locking", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-4129", }, { cve: "CVE-2022-4139", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, notes: [ { category: "summary", text: "An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-4139", }, { cve: "CVE-2022-4269", cwe: { id: "CWE-833", name: "Deadlock", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action \"mirred\") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in use (TCP or SCTP) does a retransmission, resulting in a denial of service condition.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-4269", }, { cve: "CVE-2022-4304", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, notes: [ { category: "summary", text: "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-4304", }, { cve: "CVE-2022-4450", cwe: { id: "CWE-415", name: "Double Free", }, notes: [ { category: "summary", text: "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the \"name\" (e.g. \"CERTIFICATE\"), any header data and the payload data. If the function succeeds then the \"name_out\", \"header\" and \"data\" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-4450", }, { cve: "CVE-2022-4662", cwe: { id: "CWE-455", name: "Non-exit on Failed Initialization", }, notes: [ { category: "summary", text: "A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-4662", }, { cve: "CVE-2022-20421", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239630375References: Upstream kernel", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-20421", }, { cve: "CVE-2022-20422", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "In emulation_proc_handler of armv8_deprecated.c, there is a possible way to corrupt memory due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237540956References: Upstream kernel", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-20422", }, { cve: "CVE-2022-20566", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "In l2cap_chan_put of l2cap_core, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-165329981References: Upstream kernel", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-20566", }, { cve: "CVE-2022-20572", cwe: { id: "CWE-863", name: "Incorrect Authorization", }, notes: [ { category: "summary", text: "In verity_target of dm-verity-target.c, there is a possible way to modify read-only files due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-234475629References: Upstream kernel", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-20572", }, { cve: "CVE-2022-21123", cwe: { id: "CWE-459", name: "Incomplete Cleanup", }, notes: [ { category: "summary", text: "Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-21123", }, { cve: "CVE-2022-21125", cwe: { id: "CWE-459", name: "Incomplete Cleanup", }, notes: [ { category: "summary", text: "Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-21125", }, { cve: "CVE-2022-21166", cwe: { id: "CWE-459", name: "Incomplete Cleanup", }, notes: [ { category: "summary", text: "Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-21166", }, { cve: "CVE-2022-21505", cwe: { id: "CWE-305", name: "Authentication Bypass by Primary Weakness", }, notes: [ { category: "summary", text: "A bug in the IMA subsystem was discovered which would incorrectly allow kexec to be used when kernel lockdown was enabled", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-21505", }, { cve: "CVE-2022-26373", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-26373", }, { cve: "CVE-2022-32250", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-32250", }, { cve: "CVE-2022-32296", cwe: { id: "CWE-203", name: "Observable Discrepancy", }, notes: [ { category: "summary", text: "The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 (\"Double-Hash Port Selection Algorithm\") of RFC 6056.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-32296", }, { cve: "CVE-2022-34918", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-34918", }, { cve: "CVE-2022-36123", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-36123", }, { cve: "CVE-2022-36280", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-36280", }, { cve: "CVE-2022-36879", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-36879", }, { cve: "CVE-2022-36946", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-36946", }, { cve: "CVE-2022-39188", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-39188", }, { cve: "CVE-2022-39190", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-39190", }, { cve: "CVE-2022-40307", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-40307", }, { cve: "CVE-2022-40768", cwe: { id: "CWE-668", name: "Exposure of Resource to Wrong Sphere", }, notes: [ { category: "summary", text: "drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-40768", }, { cve: "CVE-2022-41218", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-41218", }, { cve: "CVE-2022-41222", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-41222", }, { cve: "CVE-2022-41674", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-41674", }, { cve: "CVE-2022-41849", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-41849", }, { cve: "CVE-2022-41850", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-41850", }, { cve: "CVE-2022-42328", cwe: { id: "CWE-667", name: "Improper Locking", }, notes: [ { category: "summary", text: "Guests can trigger deadlock in Linux netback driver [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329).", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-42328", }, { cve: "CVE-2022-42329", cwe: { id: "CWE-667", name: "Improper Locking", }, notes: [ { category: "summary", text: "Guests can trigger deadlock in Linux netback drive. The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329).", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-42329", }, { cve: "CVE-2022-42432", cwe: { id: "CWE-457", name: "Use of Uninitialized Variable", }, notes: [ { category: "summary", text: "This vulnerability allows local attackers to disclose sensitive information on affected installations of the Linux Kernel 6.0-rc2. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the nft_osf_eval function. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the kernel. Was ZDI-CAN-18540.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-42432", }, { cve: "CVE-2022-42703", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-42703", }, { cve: "CVE-2022-42719", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-42719", }, { cve: "CVE-2022-42720", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-42720", }, { cve: "CVE-2022-42721", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, notes: [ { category: "summary", text: "A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-42721", }, { cve: "CVE-2022-42722", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-42722", }, { cve: "CVE-2022-42895", cwe: { id: "CWE-824", name: "Access of Uninitialized Pointer", }, notes: [ { category: "summary", text: "There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_parse_conf_req function which can be used to leak kernel pointers remotely. We recommend upgrading past commit https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba3157a2e", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-42895", }, { cve: "CVE-2022-42896", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim. We recommend upgrading past commit https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-42896", }, { cve: "CVE-2022-43750", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor's internal memory.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-43750", }, { cve: "CVE-2022-47518", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when copying the list of operating channels from Wi-Fi management frames.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-47518", }, { cve: "CVE-2022-47520", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-47520", }, { cve: "CVE-2022-47929", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with \"tc qdisc\" and \"tc class\" commands. This affects qdisc_graft in net/sched/sch_api.c.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-47929", }, { cve: "CVE-2022-47946", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel 5.10.x before 5.10.155. A use-after-free in io_sqpoll_wait_sq in fs/io_uring.c allows an attacker to crash the kernel, resulting in denial of service. finish_wait can be skipped. An attack can occur in some situations by forking a process and then quickly terminating it. NOTE: later kernel versions, such as the 5.15 longterm series, substantially changed the implementation of io_sqpoll_wait_sq.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-47946", }, { cve: "CVE-2023-0215", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL cms and smime command line applications are similarly affected.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-0215", }, { cve: "CVE-2023-0286", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-0286", }, { cve: "CVE-2023-0464", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, notes: [ { category: "summary", text: "A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems.\r\n\r\nPolicy processing is disabled by default but can be enabled by passing the `-policy` argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()` function.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-0464", }, { cve: "CVE-2023-0465", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, notes: [ { category: "summary", text: "Applications that use a non-default option when verifying certificates may be\r\nvulnerable to an attack from a malicious CA to circumvent certain checks.\r\n\r\nInvalid certificate policies in leaf certificates are silently ignored by\r\nOpenSSL and other certificate policy checks are skipped for that certificate.\r\nA malicious CA could use this to deliberately assert invalid certificate policies\r\nin order to circumvent policy checking on the certificate altogether.\r\n\r\nPolicy processing is disabled by default but can be enabled by passing\r\nthe `-policy` argument to the command line utilities or by calling the\r\n`X509_VERIFY_PARAM_set1_policies()` function.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-0465", }, { cve: "CVE-2023-0466", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, notes: [ { category: "summary", text: "The function X509_VERIFY_PARAM_add0_policy() is documented to\nimplicitly enable the certificate policy check when doing certificate\nverification. However the implementation of the function does not\nenable the check which allows certificates with invalid or incorrect\npolicies to pass the certificate verification.\n\nAs suddenly enabling the policy check could break existing deployments it was\ndecided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy()\nfunction.\n\nInstead the applications that require OpenSSL to perform certificate\npolicy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly\nenable the policy check by calling X509_VERIFY_PARAM_set_flags() with\nthe X509_V_FLAG_POLICY_CHECK flag argument.\n\nCertificate policy checks are disabled by default in OpenSSL and are not\ncommonly used by applications.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-0466", }, { cve: "CVE-2023-0590", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (\"net: sched: fix race condition in qdisc_graft()\") not applied yet, then kernel could be affected.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-0590", }, { cve: "CVE-2023-1077", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "summary", text: "In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-1077", }, { cve: "CVE-2023-1095", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list -- the list head is all zeroes, this results in a NULL pointer dereference.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-1095", }, { cve: "CVE-2023-1206", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-1206", }, { cve: "CVE-2023-2898", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user to cause a denial of service problem.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-2898", }, { cve: "CVE-2023-3141", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-3141", }, { cve: "CVE-2023-3268", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-3268", }, { cve: "CVE-2023-3338", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A null pointer dereference flaw was found in the Linux kernel's DECnet networking protocol. This issue could allow a remote user to crash the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-3338", }, { cve: "CVE-2023-3389", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Racing a io_uring cancel poll request with a linked timeout can cause a UAF in a hrtimer.\r\n\r\nWe recommend upgrading past commit `ef7dfac51d8ed961b742218f526bd589f3900a59` \r\n(`4716c73b188566865bdd79c3a6709696a224ac04` for 5.10 stable and \r\n`0e388fce7aec40992eadee654193cad345d62663` for 5.15 stable).", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-3389", }, { cve: "CVE-2023-3446", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, notes: [ { category: "summary", text: "Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus ('p' parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulernable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the '-check' option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-3446", }, { cve: "CVE-2023-3609", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation.\r\n\r\nIf tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-3609", }, { cve: "CVE-2023-3610", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.\r\n\r\nFlaw in the error handling of bound chains causes a use-after-free in the abort path of NFT_MSG_NEWRULE. The vulnerability requires CAP_NET_ADMIN to be triggered.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-3610", }, { cve: "CVE-2023-3611", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\r\n\r\nThe qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-3611", }, { cve: "CVE-2023-3772", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-3772", }, { cve: "CVE-2023-3773", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to cause a 4 byte out-of-bounds read of XFRMA_MTIMER_THRESH when parsing netlink attributes, leading to potential leakage of sensitive heap data to userspace.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-3773", }, { cve: "CVE-2023-3777", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nWhen nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release the objects in certain circumstances.\n\nWe recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-3777", }, { cve: "CVE-2023-4004", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-4004", }, { cve: "CVE-2023-4015", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "The netfilter subsystem in the Linux kernel did not properly handle bound chain deactivation in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-4015", }, { cve: "CVE-2023-4273", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, notes: [ { category: "summary", text: "This vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this vulnerability to overflow the kernel stack.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-4273", }, { cve: "CVE-2023-4623", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation.\n\nIf a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free.\n\nWe recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-4623", }, { cve: "CVE-2023-4911", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, notes: [ { category: "summary", text: "A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-4911", }, { cve: "CVE-2023-4921", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\n\nWhen the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrect .peek handler of sch_plug and lack of error checking in agg_dequeue().\n\nWe recommend upgrading past commit 8fc134fee27f2263988ae38920bc03da416b03d8.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-4921", }, { cve: "CVE-2023-5178", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a malicious local privileged user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation problem.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-5178", }, { cve: "CVE-2023-5197", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.\r\n\r\nAddition and removal of rules from chain bindings within the same transaction causes leads to use-after-free.\r\n\r\nWe recommend upgrading past commit f15f29fd4779be8a418b66e9d52979bb6d6c2325.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-5197", }, { cve: "CVE-2023-5678", cwe: { id: "CWE-754", name: "Improper Check for Unusual or Exceptional Conditions", }, notes: [ { category: "summary", text: "Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn't make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn't check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the \"-pubcheck\" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-5678", }, { cve: "CVE-2023-5717", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation.\r\n\r\nIf perf_read_group() is called while an event's sibling_list is smaller than its child's sibling_list, it can increment or write to memory locations outside of the allocated buffer.\r\n\r\nWe recommend upgrading past commit 32671e3799ca2e4590773fd0e63aaa4229e50c06.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-5717", }, { cve: "CVE-2023-6606", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-6606", }, { cve: "CVE-2023-6931", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escalation.\n\nA perf_event's read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group().\n\nWe recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-6931", }, { cve: "CVE-2023-6932", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation.\n\nA race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread.\n\nWe recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-6932", }, { cve: "CVE-2023-7008", cwe: { id: "CWE-300", name: "Channel Accessible by Non-Endpoint", }, notes: [ { category: "summary", text: "A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-7008", }, { cve: "CVE-2023-7104", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "summary", text: "A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-7104", }, { cve: "CVE-2023-23454", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "summary", text: "cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-23454", }, { cve: "CVE-2023-23455", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "summary", text: "atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-23455", }, { cve: "CVE-2023-23559", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-23559", }, { cve: "CVE-2023-26607", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-26607", }, { cve: "CVE-2023-31085", cwe: { id: "CWE-369", name: "Divide By Zero", }, notes: [ { category: "summary", text: "An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize), used indirectly by ctrl_cdev_ioctl, when mtd->erasesize is 0.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-31085", }, { cve: "CVE-2023-31436", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-31436", }, { cve: "CVE-2023-32233", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-32233", }, { cve: "CVE-2023-35001", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-35001", }, { cve: "CVE-2023-35827", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 6.3.8. A use-after-free was found in ravb_remove in drivers/net/ethernet/renesas/ravb_main.c.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-35827", }, { cve: "CVE-2023-36660", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-36660", }, { cve: "CVE-2023-37453", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in drivers/usb/core/sysfs.c.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-37453", }, { cve: "CVE-2023-39189", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-39189", }, { cve: "CVE-2023-39192", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a crash or information disclosure.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-39192", }, { cve: "CVE-2023-39193", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-39193", }, { cve: "CVE-2023-39194", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, potentially leading to an information disclosure.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 3.2, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-39194", }, { cve: "CVE-2023-42753", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-42753", }, { cve: "CVE-2023-42754", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-42754", }, { cve: "CVE-2023-42755", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-42755", }, { cve: "CVE-2023-45863", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-45863", }, { cve: "CVE-2023-45871", cwe: { id: "CWE-120", name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, notes: [ { category: "summary", text: "An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-45871", }, { cve: "CVE-2023-48795", cwe: { id: "CWE-222", name: "Truncation of Security-relevant Information", }, notes: [ { category: "summary", text: "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust; and there could be effects on Bitvise SSH through 9.31.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-48795", }, { cve: "CVE-2023-50495", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-50495", }, { cve: "CVE-2023-51384", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-51384", }, { cve: "CVE-2023-51385", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "summary", text: "In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-51385", }, { cve: "CVE-2023-51767", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-51767", }, { cve: "CVE-2024-0232", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2024-0232", }, { cve: "CVE-2024-0553", cwe: { id: "CWE-203", name: "Observable Discrepancy", }, notes: [ { category: "summary", text: "A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2024-0553", }, { cve: "CVE-2024-0567", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, notes: [ { category: "summary", text: "A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2024-0567", }, { cve: "CVE-2024-0584", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free issue was found in igmp_start_timer in net/ipv4/igmp.c in the network sub-component in the Linux Kernel. This flaw allows a local user to observe a refcnt use-after-free issue when receiving an igmp query packet, leading to a kernel information leak.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2024-0584", }, { cve: "CVE-2024-0684", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "summary", text: "A flaw was found in the GNU coreutils \"split\" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split() function, potentially leading to an application crash and denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2024-0684", }, { cve: "CVE-2024-22365", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2024-22365", }, { cve: "CVE-2024-25062", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2024-25062", }, ], }
ssa-794697
Vulnerability from csaf_siemens
Published
2023-06-13 00:00
Modified
2024-04-09 00:00
Summary
SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1
Notes
Summary
Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.0.
Siemens has released a new version for SIMATIC S7-1500 TM MFP - GNU/Linux subsystem and recommends to update to the latest version.
This advisory lists vulnerabilities for firmware version V1.0 only; for V1.1 refer to Siemens Security Advisory SSA-265688 (
https://cert-portal.siemens.com/productcert/html/ssa-265688.html).
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
{ document: { category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited. (TLPv2: TLP:CLEAR)", tlp: { label: "WHITE", }, }, lang: "en", notes: [ { category: "summary", text: "Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.0.\n\nSiemens has released a new version for SIMATIC S7-1500 TM MFP - GNU/Linux subsystem and recommends to update to the latest version.\n\nThis advisory lists vulnerabilities for firmware version V1.0 only; for V1.1 refer to Siemens Security Advisory SSA-265688 (\nhttps://cert-portal.siemens.com/productcert/html/ssa-265688.html).", title: "Summary", }, { category: "general", text: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", title: "General Recommendations", }, { category: "general", text: "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "legal_disclaimer", text: "Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "productcert@siemens.com", name: "Siemens ProductCERT", namespace: "https://www.siemens.com", }, references: [ { category: "self", summary: "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - HTML Version", url: "https://cert-portal.siemens.com/productcert/html/ssa-794697.html", }, { category: "self", summary: "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - CSAF Version", url: "https://cert-portal.siemens.com/productcert/csaf/ssa-794697.json", }, { category: "self", summary: "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - PDF Version", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf", }, { category: "self", summary: "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - TXT Version", url: "https://cert-portal.siemens.com/productcert/txt/ssa-794697.txt", }, ], title: "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1", tracking: { current_release_date: "2024-04-09T00:00:00Z", generator: { engine: { name: "Siemens ProductCERT CSAF Generator", version: "1", }, }, id: "SSA-794697", initial_release_date: "2023-06-13T00:00:00Z", revision_history: [ { date: "2023-06-13T00:00:00Z", legacy_version: "1.0", number: "1", summary: "Publication Date", }, { date: "2023-07-11T00:00:00Z", legacy_version: "1.1", number: "2", summary: "Added CVE-2022-4269, CVE-2023-3141, CVE-2023-3268, CVE-2023-31436, CVE-2023-32233", }, { date: "2023-08-08T00:00:00Z", legacy_version: "1.2", number: "3", summary: "Added CVE-2023-3446, CVE-2023-3389, CVE-2022-1015, \r\nCVE-2023-3609", }, { date: "2023-09-12T00:00:00Z", legacy_version: "1.3", number: "4", summary: "Added CVE-2023-3338", }, { date: "2023-11-14T00:00:00Z", legacy_version: "1.4", number: "5", summary: "Added CVE-2023-1206, CVE-2023-2898, CVE-2023-3610, CVE-2023-3611, CVE-2023-3772, CVE-2023-3773, CVE-2023-3777, CVE-2023-4004, CVE-2023-4015, CVE-2023-4273, CVE-2023-4623, CVE-2023-4921, CVE-2023-35001, CVE-2023-37453, CVE-2023-39192, CVE-2023-39193, CVE-2023-39194, CVE-2023-42753, CVE-2023-42755", }, { date: "2023-12-12T00:00:00Z", legacy_version: "1.5", number: "6", summary: "Added CVE-2021-44879, CVE-2023-5178, CVE-2023-5197, CVE-2023-5678, CVE-2023-5717, CVE-2023-31085, CVE-2023-35827, CVE-2023-39189, CVE-2023-42754, CVE-2023-45863, CVE-2023-45871", }, { date: "2024-01-09T00:00:00Z", legacy_version: "1.6", number: "7", summary: "Added CVE-2023-48795", }, { date: "2024-02-13T00:00:00Z", legacy_version: "1.7", number: "8", summary: "Added CVE-2020-12762, CVE-2023-6606, CVE-2023-6931, CVE-2023-6932, CVE-2023-7008, CVE-2023-7104, CVE-2023-36660, CVE-2023-50495, CVE-2023-51384, CVE-2023-51385, CVE-2023-51767, CVE-2024-0232, CVE-2024-0553, CVE-2024-0567, CVE-2024-0584, CVE-2024-0684, CVE-2024-22365, CVE-2024-25062", }, { date: "2024-04-09T00:00:00Z", legacy_version: "1.8", number: "9", summary: "Added fix for SIMATIC S7-1500 TM MFP - GNU/Linux subsystem", }, ], status: "interim", version: "9", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "<V1.1", product: { name: "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem", product_id: "1", }, }, ], category: "product_name", name: "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem", }, ], category: "vendor", name: "Siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2020-12762", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2020-12762", }, { cve: "CVE-2021-3759", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "A memory overflow vulnerability was found in the Linux kernel’s ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2021-3759", }, { cve: "CVE-2021-4037", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "summary", text: "A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions granted in case when they should not. This vulnerability is similar to the previous CVE-2018-13405 and adds the missed fix for the XFS.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2021-4037", }, { cve: "CVE-2021-33655", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2021-33655", }, { cve: "CVE-2021-44879", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2021-44879", }, { cve: "CVE-2022-0171", cwe: { id: "CWE-459", name: "Incomplete Cleanup", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV).", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-0171", }, { cve: "CVE-2022-1012", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, notes: [ { category: "summary", text: "A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-1012", }, { cve: "CVE-2022-1015", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds write issue.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-1015", }, { cve: "CVE-2022-1184", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-1184", }, { cve: "CVE-2022-1292", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "summary", text: "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-1292", }, { cve: "CVE-2022-1343", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, notes: [ { category: "summary", text: "Under certain circumstances, the command line OCSP verify function reports successful verification when the verification in fact failed. In this case the incorrect successful response will also be accompanied by error messages showing the failure and contradicting the apparently successful result.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-1343", }, { cve: "CVE-2022-1434", cwe: { id: "CWE-327", name: "Use of a Broken or Risky Cryptographic Algorithm", }, notes: [ { category: "summary", text: "When using the RC4-MD5 ciphersuite, which is disabled by default, an attacker is able to modify data in transit due to an incorrect use of the AAD data as the MAC key in OpenSSL 3.0. An attacker is not able to decrypt any communication.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-1434", }, { cve: "CVE-2022-1462", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local user to crash the system or read unauthorized random data from memory.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-1462", }, { cve: "CVE-2022-1473", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "summary", text: "The used OpenSSL version improperly reuses memory when decoding certificates or keys. This can lead to a process termination and Denial of Service for long lived processes.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-1473", }, { cve: "CVE-2022-1679", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-1679", }, { cve: "CVE-2022-1852", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A NULL pointer dereference flaw was found in the Linux kernel’s KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-1852", }, { cve: "CVE-2022-1882", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-1882", }, { cve: "CVE-2022-2068", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "summary", text: "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-2068", }, { cve: "CVE-2022-2078", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, notes: [ { category: "summary", text: "A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-2078", }, { cve: "CVE-2022-2097", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, notes: [ { category: "summary", text: "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of \"in place\" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-2097", }, { cve: "CVE-2022-2153", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-2153", }, { cve: "CVE-2022-2274", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048 bit RSA private keys running on machines supporting AVX512IFMA instructions of the X86_64 architecture are affected by this issue.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-2274", }, { cve: "CVE-2022-2327", cwe: { id: "CWE-415", name: "Double Free", }, notes: [ { category: "summary", text: "io_uring use work_flags to determine which identity need to grab from the calling process to make sure it is consistent with the calling process when executing IORING_OP. Some operations are missing some types, which can lead to incorrect reference counts which can then lead to a double free. We recommend upgrading the kernel past commit df3f3bb5059d20ef094d6b2f0256c4bf4127a859", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-2327", }, { cve: "CVE-2022-2503", cwe: { id: "CWE-287", name: "Improper Authentication", }, notes: [ { category: "summary", text: "Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equivalent dm-linear target and bypass verification till reboot. This allows root to bypass LoadPin and can be used to load untrusted and unverified kernel modules and firmware, which implies arbitrary kernel execution and persistence for peripherals that do not verify firmware updates. We recommend upgrading past commit 4caae58406f8ceb741603eee460d79bacca9b1b5", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-2503", }, { cve: "CVE-2022-2586", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in nf_tables cross-table in the net/netfilter/nf_tables_api.c function in the Linux kernel. This flaw allows a local, privileged attacker to cause a use-after-free problem at the time of table deletion, possibly leading to local privilege escalation.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-2586", }, { cve: "CVE-2022-2588", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-2588", }, { cve: "CVE-2022-2602", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel. A race issue occurs between an io_uring request and the Unix socket garbage collector, allowing an attacker local privilege escalation.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-2602", }, { cve: "CVE-2022-2663", cwe: { id: "CWE-923", name: "Improper Restriction of Communication Channel to Intended Endpoints", }, notes: [ { category: "summary", text: "An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-2663", }, { cve: "CVE-2022-2905", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-2905", }, { cve: "CVE-2022-2959", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "A race condition was found in the Linux kernel's watch queue due to a missing lock in pipe_resize_ring(). The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the system or escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-2959", }, { cve: "CVE-2022-2978", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-2978", }, { cve: "CVE-2022-3028", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3028", }, { cve: "CVE-2022-3104", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3104", }, { cve: "CVE-2022-3115", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3115", }, { cve: "CVE-2022-3169", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting in a PCIe link disconnect.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3169", }, { cve: "CVE-2022-3303", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3303", }, { cve: "CVE-2022-3521", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VDB-211018 is the identifier assigned to this vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 2.5, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3521", }, { cve: "CVE-2022-3524", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "summary", text: "A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211021 was assigned to this vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3524", }, { cve: "CVE-2022-3534", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A vulnerability classified as critical has been found in Linux Kernel. Affected is the function btf_dump_name_dups of the file tools/lib/bpf/btf_dump.c of the component libbpf. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211032.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3534", }, { cve: "CVE-2022-3545", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "summary", text: "A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3545", }, { cve: "CVE-2022-3564", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "summary", text: "A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3564", }, { cve: "CVE-2022-3565", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "summary", text: "A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3565", }, { cve: "CVE-2022-3586", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3586", }, { cve: "CVE-2022-3594", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "summary", text: "A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3594", }, { cve: "CVE-2022-3606", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A vulnerability was found in Linux Kernel. It has been classified as problematic. This affects the function find_prog_by_sec_insn of the file tools/lib/bpf/libbpf.c of the component BPF. The manipulation leads to null pointer dereference. It is recommended to apply a patch to fix this issue. The identifier VDB-211749 was assigned to this vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3606", }, { cve: "CVE-2022-3621", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211920.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3621", }, { cve: "CVE-2022-3625", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "summary", text: "A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211929 was assigned to this vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3625", }, { cve: "CVE-2022-3628", cwe: { id: "CWE-120", name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, notes: [ { category: "summary", text: "A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. This can allow a local user to crash the system or escalate their privileges.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3628", }, { cve: "CVE-2022-3629", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, notes: [ { category: "summary", text: "A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211930 is the identifier assigned to this vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3629", }, { cve: "CVE-2022-3633", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, notes: [ { category: "summary", text: "A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function j1939_session_destroy of the file net/can/j1939/transport.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211932.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3633", }, { cve: "CVE-2022-3635", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "summary", text: "A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. VDB-211934 is the identifier assigned to this vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3635", }, { cve: "CVE-2022-3646", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "summary", text: "A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3646", }, { cve: "CVE-2022-3649", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "summary", text: "A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211992.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3649", }, { cve: "CVE-2022-4095", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c, allowing an attacker to launch a local denial of service attack and gain escalation of privileges.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-4095", }, { cve: "CVE-2022-4129", cwe: { id: "CWE-667", name: "Improper Locking", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-4129", }, { cve: "CVE-2022-4139", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, notes: [ { category: "summary", text: "An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-4139", }, { cve: "CVE-2022-4269", cwe: { id: "CWE-833", name: "Deadlock", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action \"mirred\") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in use (TCP or SCTP) does a retransmission, resulting in a denial of service condition.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-4269", }, { cve: "CVE-2022-4304", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, notes: [ { category: "summary", text: "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-4304", }, { cve: "CVE-2022-4450", cwe: { id: "CWE-415", name: "Double Free", }, notes: [ { category: "summary", text: "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the \"name\" (e.g. \"CERTIFICATE\"), any header data and the payload data. If the function succeeds then the \"name_out\", \"header\" and \"data\" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-4450", }, { cve: "CVE-2022-4662", cwe: { id: "CWE-455", name: "Non-exit on Failed Initialization", }, notes: [ { category: "summary", text: "A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-4662", }, { cve: "CVE-2022-20421", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239630375References: Upstream kernel", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-20421", }, { cve: "CVE-2022-20422", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "In emulation_proc_handler of armv8_deprecated.c, there is a possible way to corrupt memory due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237540956References: Upstream kernel", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-20422", }, { cve: "CVE-2022-20566", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "In l2cap_chan_put of l2cap_core, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-165329981References: Upstream kernel", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-20566", }, { cve: "CVE-2022-20572", cwe: { id: "CWE-863", name: "Incorrect Authorization", }, notes: [ { category: "summary", text: "In verity_target of dm-verity-target.c, there is a possible way to modify read-only files due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-234475629References: Upstream kernel", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-20572", }, { cve: "CVE-2022-21123", cwe: { id: "CWE-459", name: "Incomplete Cleanup", }, notes: [ { category: "summary", text: "Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-21123", }, { cve: "CVE-2022-21125", cwe: { id: "CWE-459", name: "Incomplete Cleanup", }, notes: [ { category: "summary", text: "Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-21125", }, { cve: "CVE-2022-21166", cwe: { id: "CWE-459", name: "Incomplete Cleanup", }, notes: [ { category: "summary", text: "Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-21166", }, { cve: "CVE-2022-21505", cwe: { id: "CWE-305", name: "Authentication Bypass by Primary Weakness", }, notes: [ { category: "summary", text: "A bug in the IMA subsystem was discovered which would incorrectly allow kexec to be used when kernel lockdown was enabled", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-21505", }, { cve: "CVE-2022-26373", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-26373", }, { cve: "CVE-2022-32250", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-32250", }, { cve: "CVE-2022-32296", cwe: { id: "CWE-203", name: "Observable Discrepancy", }, notes: [ { category: "summary", text: "The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 (\"Double-Hash Port Selection Algorithm\") of RFC 6056.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-32296", }, { cve: "CVE-2022-34918", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-34918", }, { cve: "CVE-2022-36123", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-36123", }, { cve: "CVE-2022-36280", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-36280", }, { cve: "CVE-2022-36879", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-36879", }, { cve: "CVE-2022-36946", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-36946", }, { cve: "CVE-2022-39188", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-39188", }, { cve: "CVE-2022-39190", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-39190", }, { cve: "CVE-2022-40307", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-40307", }, { cve: "CVE-2022-40768", cwe: { id: "CWE-668", name: "Exposure of Resource to Wrong Sphere", }, notes: [ { category: "summary", text: "drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-40768", }, { cve: "CVE-2022-41218", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-41218", }, { cve: "CVE-2022-41222", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-41222", }, { cve: "CVE-2022-41674", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-41674", }, { cve: "CVE-2022-41849", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-41849", }, { cve: "CVE-2022-41850", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-41850", }, { cve: "CVE-2022-42328", cwe: { id: "CWE-667", name: "Improper Locking", }, notes: [ { category: "summary", text: "Guests can trigger deadlock in Linux netback driver [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329).", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-42328", }, { cve: "CVE-2022-42329", cwe: { id: "CWE-667", name: "Improper Locking", }, notes: [ { category: "summary", text: "Guests can trigger deadlock in Linux netback drive. The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329).", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-42329", }, { cve: "CVE-2022-42432", cwe: { id: "CWE-457", name: "Use of Uninitialized Variable", }, notes: [ { category: "summary", text: "This vulnerability allows local attackers to disclose sensitive information on affected installations of the Linux Kernel 6.0-rc2. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the nft_osf_eval function. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the kernel. Was ZDI-CAN-18540.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-42432", }, { cve: "CVE-2022-42703", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-42703", }, { cve: "CVE-2022-42719", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-42719", }, { cve: "CVE-2022-42720", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-42720", }, { cve: "CVE-2022-42721", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, notes: [ { category: "summary", text: "A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-42721", }, { cve: "CVE-2022-42722", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-42722", }, { cve: "CVE-2022-42895", cwe: { id: "CWE-824", name: "Access of Uninitialized Pointer", }, notes: [ { category: "summary", text: "There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_parse_conf_req function which can be used to leak kernel pointers remotely. We recommend upgrading past commit https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba3157a2e", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-42895", }, { cve: "CVE-2022-42896", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim. We recommend upgrading past commit https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-42896", }, { cve: "CVE-2022-43750", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor's internal memory.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-43750", }, { cve: "CVE-2022-47518", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when copying the list of operating channels from Wi-Fi management frames.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-47518", }, { cve: "CVE-2022-47520", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-47520", }, { cve: "CVE-2022-47929", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with \"tc qdisc\" and \"tc class\" commands. This affects qdisc_graft in net/sched/sch_api.c.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-47929", }, { cve: "CVE-2022-47946", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel 5.10.x before 5.10.155. A use-after-free in io_sqpoll_wait_sq in fs/io_uring.c allows an attacker to crash the kernel, resulting in denial of service. finish_wait can be skipped. An attack can occur in some situations by forking a process and then quickly terminating it. NOTE: later kernel versions, such as the 5.15 longterm series, substantially changed the implementation of io_sqpoll_wait_sq.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-47946", }, { cve: "CVE-2023-0215", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL cms and smime command line applications are similarly affected.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-0215", }, { cve: "CVE-2023-0286", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-0286", }, { cve: "CVE-2023-0464", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, notes: [ { category: "summary", text: "A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems.\r\n\r\nPolicy processing is disabled by default but can be enabled by passing the `-policy` argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()` function.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-0464", }, { cve: "CVE-2023-0465", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, notes: [ { category: "summary", text: "Applications that use a non-default option when verifying certificates may be\r\nvulnerable to an attack from a malicious CA to circumvent certain checks.\r\n\r\nInvalid certificate policies in leaf certificates are silently ignored by\r\nOpenSSL and other certificate policy checks are skipped for that certificate.\r\nA malicious CA could use this to deliberately assert invalid certificate policies\r\nin order to circumvent policy checking on the certificate altogether.\r\n\r\nPolicy processing is disabled by default but can be enabled by passing\r\nthe `-policy` argument to the command line utilities or by calling the\r\n`X509_VERIFY_PARAM_set1_policies()` function.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-0465", }, { cve: "CVE-2023-0466", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, notes: [ { category: "summary", text: "The function X509_VERIFY_PARAM_add0_policy() is documented to\nimplicitly enable the certificate policy check when doing certificate\nverification. However the implementation of the function does not\nenable the check which allows certificates with invalid or incorrect\npolicies to pass the certificate verification.\n\nAs suddenly enabling the policy check could break existing deployments it was\ndecided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy()\nfunction.\n\nInstead the applications that require OpenSSL to perform certificate\npolicy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly\nenable the policy check by calling X509_VERIFY_PARAM_set_flags() with\nthe X509_V_FLAG_POLICY_CHECK flag argument.\n\nCertificate policy checks are disabled by default in OpenSSL and are not\ncommonly used by applications.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-0466", }, { cve: "CVE-2023-0590", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (\"net: sched: fix race condition in qdisc_graft()\") not applied yet, then kernel could be affected.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-0590", }, { cve: "CVE-2023-1077", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "summary", text: "In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-1077", }, { cve: "CVE-2023-1095", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list -- the list head is all zeroes, this results in a NULL pointer dereference.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-1095", }, { cve: "CVE-2023-1206", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-1206", }, { cve: "CVE-2023-2898", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user to cause a denial of service problem.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-2898", }, { cve: "CVE-2023-3141", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-3141", }, { cve: "CVE-2023-3268", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-3268", }, { cve: "CVE-2023-3338", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A null pointer dereference flaw was found in the Linux kernel's DECnet networking protocol. This issue could allow a remote user to crash the system.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-3338", }, { cve: "CVE-2023-3389", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Racing a io_uring cancel poll request with a linked timeout can cause a UAF in a hrtimer.\r\n\r\nWe recommend upgrading past commit `ef7dfac51d8ed961b742218f526bd589f3900a59` \r\n(`4716c73b188566865bdd79c3a6709696a224ac04` for 5.10 stable and \r\n`0e388fce7aec40992eadee654193cad345d62663` for 5.15 stable).", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-3389", }, { cve: "CVE-2023-3446", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, notes: [ { category: "summary", text: "Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus ('p' parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulernable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the '-check' option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-3446", }, { cve: "CVE-2023-3609", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation.\r\n\r\nIf tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-3609", }, { cve: "CVE-2023-3610", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.\r\n\r\nFlaw in the error handling of bound chains causes a use-after-free in the abort path of NFT_MSG_NEWRULE. The vulnerability requires CAP_NET_ADMIN to be triggered.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-3610", }, { cve: "CVE-2023-3611", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\r\n\r\nThe qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-3611", }, { cve: "CVE-2023-3772", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-3772", }, { cve: "CVE-2023-3773", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to cause a 4 byte out-of-bounds read of XFRMA_MTIMER_THRESH when parsing netlink attributes, leading to potential leakage of sensitive heap data to userspace.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-3773", }, { cve: "CVE-2023-3777", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nWhen nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release the objects in certain circumstances.\n\nWe recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-3777", }, { cve: "CVE-2023-4004", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-4004", }, { cve: "CVE-2023-4015", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "The netfilter subsystem in the Linux kernel did not properly handle bound chain deactivation in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-4015", }, { cve: "CVE-2023-4273", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, notes: [ { category: "summary", text: "This vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this vulnerability to overflow the kernel stack.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-4273", }, { cve: "CVE-2023-4623", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation.\n\nIf a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free.\n\nWe recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-4623", }, { cve: "CVE-2023-4911", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, notes: [ { category: "summary", text: "A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-4911", }, { cve: "CVE-2023-4921", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\n\nWhen the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrect .peek handler of sch_plug and lack of error checking in agg_dequeue().\n\nWe recommend upgrading past commit 8fc134fee27f2263988ae38920bc03da416b03d8.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-4921", }, { cve: "CVE-2023-5178", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a malicious local privileged user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation problem.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-5178", }, { cve: "CVE-2023-5197", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.\r\n\r\nAddition and removal of rules from chain bindings within the same transaction causes leads to use-after-free.\r\n\r\nWe recommend upgrading past commit f15f29fd4779be8a418b66e9d52979bb6d6c2325.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-5197", }, { cve: "CVE-2023-5678", cwe: { id: "CWE-754", name: "Improper Check for Unusual or Exceptional Conditions", }, notes: [ { category: "summary", text: "Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn't make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn't check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the \"-pubcheck\" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-5678", }, { cve: "CVE-2023-5717", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation.\r\n\r\nIf perf_read_group() is called while an event's sibling_list is smaller than its child's sibling_list, it can increment or write to memory locations outside of the allocated buffer.\r\n\r\nWe recommend upgrading past commit 32671e3799ca2e4590773fd0e63aaa4229e50c06.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-5717", }, { cve: "CVE-2023-6606", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-6606", }, { cve: "CVE-2023-6931", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escalation.\n\nA perf_event's read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group().\n\nWe recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-6931", }, { cve: "CVE-2023-6932", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation.\n\nA race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread.\n\nWe recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-6932", }, { cve: "CVE-2023-7008", cwe: { id: "CWE-300", name: "Channel Accessible by Non-Endpoint", }, notes: [ { category: "summary", text: "A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-7008", }, { cve: "CVE-2023-7104", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "summary", text: "A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-7104", }, { cve: "CVE-2023-23454", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "summary", text: "cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-23454", }, { cve: "CVE-2023-23455", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "summary", text: "atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-23455", }, { cve: "CVE-2023-23559", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-23559", }, { cve: "CVE-2023-26607", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-26607", }, { cve: "CVE-2023-31085", cwe: { id: "CWE-369", name: "Divide By Zero", }, notes: [ { category: "summary", text: "An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize), used indirectly by ctrl_cdev_ioctl, when mtd->erasesize is 0.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-31085", }, { cve: "CVE-2023-31436", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-31436", }, { cve: "CVE-2023-32233", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-32233", }, { cve: "CVE-2023-35001", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-35001", }, { cve: "CVE-2023-35827", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 6.3.8. A use-after-free was found in ravb_remove in drivers/net/ethernet/renesas/ravb_main.c.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-35827", }, { cve: "CVE-2023-36660", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-36660", }, { cve: "CVE-2023-37453", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in drivers/usb/core/sysfs.c.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-37453", }, { cve: "CVE-2023-39189", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-39189", }, { cve: "CVE-2023-39192", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a crash or information disclosure.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-39192", }, { cve: "CVE-2023-39193", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-39193", }, { cve: "CVE-2023-39194", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, potentially leading to an information disclosure.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 3.2, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-39194", }, { cve: "CVE-2023-42753", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-42753", }, { cve: "CVE-2023-42754", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-42754", }, { cve: "CVE-2023-42755", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-42755", }, { cve: "CVE-2023-45863", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-45863", }, { cve: "CVE-2023-45871", cwe: { id: "CWE-120", name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, notes: [ { category: "summary", text: "An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-45871", }, { cve: "CVE-2023-48795", cwe: { id: "CWE-222", name: "Truncation of Security-relevant Information", }, notes: [ { category: "summary", text: "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust; and there could be effects on Bitvise SSH through 9.31.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-48795", }, { cve: "CVE-2023-50495", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-50495", }, { cve: "CVE-2023-51384", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-51384", }, { cve: "CVE-2023-51385", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "summary", text: "In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-51385", }, { cve: "CVE-2023-51767", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-51767", }, { cve: "CVE-2024-0232", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2024-0232", }, { cve: "CVE-2024-0553", cwe: { id: "CWE-203", name: "Observable Discrepancy", }, notes: [ { category: "summary", text: "A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2024-0553", }, { cve: "CVE-2024-0567", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, notes: [ { category: "summary", text: "A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2024-0567", }, { cve: "CVE-2024-0584", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free issue was found in igmp_start_timer in net/ipv4/igmp.c in the network sub-component in the Linux Kernel. This flaw allows a local user to observe a refcnt use-after-free issue when receiving an igmp query packet, leading to a kernel information leak.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2024-0584", }, { cve: "CVE-2024-0684", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "summary", text: "A flaw was found in the GNU coreutils \"split\" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split() function, potentially leading to an application crash and denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2024-0684", }, { cve: "CVE-2024-22365", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2024-22365", }, { cve: "CVE-2024-25062", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2024-25062", }, ], }
SSA-794697
Vulnerability from csaf_siemens
Published
2023-06-13 00:00
Modified
2024-04-09 00:00
Summary
SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1
Notes
Summary
Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.0.
Siemens has released a new version for SIMATIC S7-1500 TM MFP - GNU/Linux subsystem and recommends to update to the latest version.
This advisory lists vulnerabilities for firmware version V1.0 only; for V1.1 refer to Siemens Security Advisory SSA-265688 (
https://cert-portal.siemens.com/productcert/html/ssa-265688.html).
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
{ document: { category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited. (TLPv2: TLP:CLEAR)", tlp: { label: "WHITE", }, }, lang: "en", notes: [ { category: "summary", text: "Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.0.\n\nSiemens has released a new version for SIMATIC S7-1500 TM MFP - GNU/Linux subsystem and recommends to update to the latest version.\n\nThis advisory lists vulnerabilities for firmware version V1.0 only; for V1.1 refer to Siemens Security Advisory SSA-265688 (\nhttps://cert-portal.siemens.com/productcert/html/ssa-265688.html).", title: "Summary", }, { category: "general", text: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", title: "General Recommendations", }, { category: "general", text: "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "legal_disclaimer", text: "Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "productcert@siemens.com", name: "Siemens ProductCERT", namespace: "https://www.siemens.com", }, references: [ { category: "self", summary: "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - HTML Version", url: "https://cert-portal.siemens.com/productcert/html/ssa-794697.html", }, { category: "self", summary: "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - CSAF Version", url: "https://cert-portal.siemens.com/productcert/csaf/ssa-794697.json", }, { category: "self", summary: "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - PDF Version", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf", }, { category: "self", summary: "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - TXT Version", url: "https://cert-portal.siemens.com/productcert/txt/ssa-794697.txt", }, ], title: "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1", tracking: { current_release_date: "2024-04-09T00:00:00Z", generator: { engine: { name: "Siemens ProductCERT CSAF Generator", version: "1", }, }, id: "SSA-794697", initial_release_date: "2023-06-13T00:00:00Z", revision_history: [ { date: "2023-06-13T00:00:00Z", legacy_version: "1.0", number: "1", summary: "Publication Date", }, { date: "2023-07-11T00:00:00Z", legacy_version: "1.1", number: "2", summary: "Added CVE-2022-4269, CVE-2023-3141, CVE-2023-3268, CVE-2023-31436, CVE-2023-32233", }, { date: "2023-08-08T00:00:00Z", legacy_version: "1.2", number: "3", summary: "Added CVE-2023-3446, CVE-2023-3389, CVE-2022-1015, \r\nCVE-2023-3609", }, { date: "2023-09-12T00:00:00Z", legacy_version: "1.3", number: "4", summary: "Added CVE-2023-3338", }, { date: "2023-11-14T00:00:00Z", legacy_version: "1.4", number: "5", summary: "Added CVE-2023-1206, CVE-2023-2898, CVE-2023-3610, CVE-2023-3611, CVE-2023-3772, CVE-2023-3773, CVE-2023-3777, CVE-2023-4004, CVE-2023-4015, CVE-2023-4273, CVE-2023-4623, CVE-2023-4921, CVE-2023-35001, CVE-2023-37453, CVE-2023-39192, CVE-2023-39193, CVE-2023-39194, CVE-2023-42753, CVE-2023-42755", }, { date: "2023-12-12T00:00:00Z", legacy_version: "1.5", number: "6", summary: "Added CVE-2021-44879, CVE-2023-5178, CVE-2023-5197, CVE-2023-5678, CVE-2023-5717, CVE-2023-31085, CVE-2023-35827, CVE-2023-39189, CVE-2023-42754, CVE-2023-45863, CVE-2023-45871", }, { date: "2024-01-09T00:00:00Z", legacy_version: "1.6", number: "7", summary: "Added CVE-2023-48795", }, { date: "2024-02-13T00:00:00Z", legacy_version: "1.7", number: "8", summary: "Added CVE-2020-12762, CVE-2023-6606, CVE-2023-6931, CVE-2023-6932, CVE-2023-7008, CVE-2023-7104, CVE-2023-36660, CVE-2023-50495, CVE-2023-51384, CVE-2023-51385, CVE-2023-51767, CVE-2024-0232, CVE-2024-0553, CVE-2024-0567, CVE-2024-0584, CVE-2024-0684, CVE-2024-22365, CVE-2024-25062", }, { date: "2024-04-09T00:00:00Z", legacy_version: "1.8", number: "9", summary: "Added fix for SIMATIC S7-1500 TM MFP - GNU/Linux subsystem", }, ], status: "interim", version: "9", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "<V1.1", product: { name: "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem", product_id: "1", }, }, ], category: "product_name", name: "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem", }, ], category: "vendor", name: "Siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2020-12762", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2020-12762", }, { cve: "CVE-2021-3759", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "A memory overflow vulnerability was found in the Linux kernel’s ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2021-3759", }, { cve: "CVE-2021-4037", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "summary", text: "A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions granted in case when they should not. This vulnerability is similar to the previous CVE-2018-13405 and adds the missed fix for the XFS.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2021-4037", }, { cve: "CVE-2021-33655", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2021-33655", }, { cve: "CVE-2021-44879", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2021-44879", }, { cve: "CVE-2022-0171", cwe: { id: "CWE-459", name: "Incomplete Cleanup", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV).", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-0171", }, { cve: "CVE-2022-1012", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, notes: [ { category: "summary", text: "A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-1012", }, { cve: "CVE-2022-1015", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds write issue.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-1015", }, { cve: "CVE-2022-1184", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-1184", }, { cve: "CVE-2022-1292", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "summary", text: "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-1292", }, { cve: "CVE-2022-1343", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, notes: [ { category: "summary", text: "Under certain circumstances, the command line OCSP verify function reports successful verification when the verification in fact failed. In this case the incorrect successful response will also be accompanied by error messages showing the failure and contradicting the apparently successful result.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-1343", }, { cve: "CVE-2022-1434", cwe: { id: "CWE-327", name: "Use of a Broken or Risky Cryptographic Algorithm", }, notes: [ { category: "summary", text: "When using the RC4-MD5 ciphersuite, which is disabled by default, an attacker is able to modify data in transit due to an incorrect use of the AAD data as the MAC key in OpenSSL 3.0. An attacker is not able to decrypt any communication.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-1434", }, { cve: "CVE-2022-1462", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local user to crash the system or read unauthorized random data from memory.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-1462", }, { cve: "CVE-2022-1473", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "summary", text: "The used OpenSSL version improperly reuses memory when decoding certificates or keys. This can lead to a process termination and Denial of Service for long lived processes.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-1473", }, { cve: "CVE-2022-1679", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-1679", }, { cve: "CVE-2022-1852", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A NULL pointer dereference flaw was found in the Linux kernel’s KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-1852", }, { cve: "CVE-2022-1882", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-1882", }, { cve: "CVE-2022-2068", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "summary", text: "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-2068", }, { cve: "CVE-2022-2078", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, notes: [ { category: "summary", text: "A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-2078", }, { cve: "CVE-2022-2097", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, notes: [ { category: "summary", text: "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of \"in place\" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-2097", }, { cve: "CVE-2022-2153", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-2153", }, { cve: "CVE-2022-2274", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048 bit RSA private keys running on machines supporting AVX512IFMA instructions of the X86_64 architecture are affected by this issue.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-2274", }, { cve: "CVE-2022-2327", cwe: { id: "CWE-415", name: "Double Free", }, notes: [ { category: "summary", text: "io_uring use work_flags to determine which identity need to grab from the calling process to make sure it is consistent with the calling process when executing IORING_OP. Some operations are missing some types, which can lead to incorrect reference counts which can then lead to a double free. We recommend upgrading the kernel past commit df3f3bb5059d20ef094d6b2f0256c4bf4127a859", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-2327", }, { cve: "CVE-2022-2503", cwe: { id: "CWE-287", name: "Improper Authentication", }, notes: [ { category: "summary", text: "Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equivalent dm-linear target and bypass verification till reboot. This allows root to bypass LoadPin and can be used to load untrusted and unverified kernel modules and firmware, which implies arbitrary kernel execution and persistence for peripherals that do not verify firmware updates. We recommend upgrading past commit 4caae58406f8ceb741603eee460d79bacca9b1b5", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-2503", }, { cve: "CVE-2022-2586", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in nf_tables cross-table in the net/netfilter/nf_tables_api.c function in the Linux kernel. This flaw allows a local, privileged attacker to cause a use-after-free problem at the time of table deletion, possibly leading to local privilege escalation.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-2586", }, { cve: "CVE-2022-2588", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-2588", }, { cve: "CVE-2022-2602", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel. A race issue occurs between an io_uring request and the Unix socket garbage collector, allowing an attacker local privilege escalation.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-2602", }, { cve: "CVE-2022-2663", cwe: { id: "CWE-923", name: "Improper Restriction of Communication Channel to Intended Endpoints", }, notes: [ { category: "summary", text: "An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-2663", }, { cve: "CVE-2022-2905", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-2905", }, { cve: "CVE-2022-2959", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "A race condition was found in the Linux kernel's watch queue due to a missing lock in pipe_resize_ring(). The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the system or escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-2959", }, { cve: "CVE-2022-2978", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-2978", }, { cve: "CVE-2022-3028", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3028", }, { cve: "CVE-2022-3104", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3104", }, { cve: "CVE-2022-3115", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3115", }, { cve: "CVE-2022-3169", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting in a PCIe link disconnect.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3169", }, { cve: "CVE-2022-3303", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3303", }, { cve: "CVE-2022-3521", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VDB-211018 is the identifier assigned to this vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 2.5, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3521", }, { cve: "CVE-2022-3524", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "summary", text: "A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211021 was assigned to this vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3524", }, { cve: "CVE-2022-3534", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A vulnerability classified as critical has been found in Linux Kernel. Affected is the function btf_dump_name_dups of the file tools/lib/bpf/btf_dump.c of the component libbpf. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211032.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3534", }, { cve: "CVE-2022-3545", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "summary", text: "A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3545", }, { cve: "CVE-2022-3564", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "summary", text: "A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3564", }, { cve: "CVE-2022-3565", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "summary", text: "A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3565", }, { cve: "CVE-2022-3586", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3586", }, { cve: "CVE-2022-3594", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "summary", text: "A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3594", }, { cve: "CVE-2022-3606", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A vulnerability was found in Linux Kernel. It has been classified as problematic. This affects the function find_prog_by_sec_insn of the file tools/lib/bpf/libbpf.c of the component BPF. The manipulation leads to null pointer dereference. It is recommended to apply a patch to fix this issue. The identifier VDB-211749 was assigned to this vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3606", }, { cve: "CVE-2022-3621", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211920.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3621", }, { cve: "CVE-2022-3625", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "summary", text: "A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211929 was assigned to this vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3625", }, { cve: "CVE-2022-3628", cwe: { id: "CWE-120", name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, notes: [ { category: "summary", text: "A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. This can allow a local user to crash the system or escalate their privileges.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3628", }, { cve: "CVE-2022-3629", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, notes: [ { category: "summary", text: "A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211930 is the identifier assigned to this vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3629", }, { cve: "CVE-2022-3633", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, notes: [ { category: "summary", text: "A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function j1939_session_destroy of the file net/can/j1939/transport.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211932.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3633", }, { cve: "CVE-2022-3635", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "summary", text: "A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. VDB-211934 is the identifier assigned to this vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3635", }, { cve: "CVE-2022-3646", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "summary", text: "A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3646", }, { cve: "CVE-2022-3649", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "summary", text: "A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211992.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-3649", }, { cve: "CVE-2022-4095", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c, allowing an attacker to launch a local denial of service attack and gain escalation of privileges.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-4095", }, { cve: "CVE-2022-4129", cwe: { id: "CWE-667", name: "Improper Locking", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-4129", }, { cve: "CVE-2022-4139", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, notes: [ { category: "summary", text: "An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-4139", }, { cve: "CVE-2022-4269", cwe: { id: "CWE-833", name: "Deadlock", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action \"mirred\") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in use (TCP or SCTP) does a retransmission, resulting in a denial of service condition.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-4269", }, { cve: "CVE-2022-4304", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, notes: [ { category: "summary", text: "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-4304", }, { cve: "CVE-2022-4450", cwe: { id: "CWE-415", name: "Double Free", }, notes: [ { category: "summary", text: "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the \"name\" (e.g. \"CERTIFICATE\"), any header data and the payload data. If the function succeeds then the \"name_out\", \"header\" and \"data\" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-4450", }, { cve: "CVE-2022-4662", cwe: { id: "CWE-455", name: "Non-exit on Failed Initialization", }, notes: [ { category: "summary", text: "A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-4662", }, { cve: "CVE-2022-20421", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239630375References: Upstream kernel", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-20421", }, { cve: "CVE-2022-20422", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "In emulation_proc_handler of armv8_deprecated.c, there is a possible way to corrupt memory due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237540956References: Upstream kernel", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-20422", }, { cve: "CVE-2022-20566", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "In l2cap_chan_put of l2cap_core, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-165329981References: Upstream kernel", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-20566", }, { cve: "CVE-2022-20572", cwe: { id: "CWE-863", name: "Incorrect Authorization", }, notes: [ { category: "summary", text: "In verity_target of dm-verity-target.c, there is a possible way to modify read-only files due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-234475629References: Upstream kernel", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-20572", }, { cve: "CVE-2022-21123", cwe: { id: "CWE-459", name: "Incomplete Cleanup", }, notes: [ { category: "summary", text: "Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-21123", }, { cve: "CVE-2022-21125", cwe: { id: "CWE-459", name: "Incomplete Cleanup", }, notes: [ { category: "summary", text: "Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-21125", }, { cve: "CVE-2022-21166", cwe: { id: "CWE-459", name: "Incomplete Cleanup", }, notes: [ { category: "summary", text: "Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-21166", }, { cve: "CVE-2022-21505", cwe: { id: "CWE-305", name: "Authentication Bypass by Primary Weakness", }, notes: [ { category: "summary", text: "A bug in the IMA subsystem was discovered which would incorrectly allow kexec to be used when kernel lockdown was enabled", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-21505", }, { cve: "CVE-2022-26373", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-26373", }, { cve: "CVE-2022-32250", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-32250", }, { cve: "CVE-2022-32296", cwe: { id: "CWE-203", name: "Observable Discrepancy", }, notes: [ { category: "summary", text: "The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 (\"Double-Hash Port Selection Algorithm\") of RFC 6056.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-32296", }, { cve: "CVE-2022-34918", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-34918", }, { cve: "CVE-2022-36123", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-36123", }, { cve: "CVE-2022-36280", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-36280", }, { cve: "CVE-2022-36879", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-36879", }, { cve: "CVE-2022-36946", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-36946", }, { cve: "CVE-2022-39188", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-39188", }, { cve: "CVE-2022-39190", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-39190", }, { cve: "CVE-2022-40307", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-40307", }, { cve: "CVE-2022-40768", cwe: { id: "CWE-668", name: "Exposure of Resource to Wrong Sphere", }, notes: [ { category: "summary", text: "drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-40768", }, { cve: "CVE-2022-41218", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-41218", }, { cve: "CVE-2022-41222", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-41222", }, { cve: "CVE-2022-41674", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-41674", }, { cve: "CVE-2022-41849", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-41849", }, { cve: "CVE-2022-41850", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-41850", }, { cve: "CVE-2022-42328", cwe: { id: "CWE-667", name: "Improper Locking", }, notes: [ { category: "summary", text: "Guests can trigger deadlock in Linux netback driver [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329).", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-42328", }, { cve: "CVE-2022-42329", cwe: { id: "CWE-667", name: "Improper Locking", }, notes: [ { category: "summary", text: "Guests can trigger deadlock in Linux netback drive. The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329).", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-42329", }, { cve: "CVE-2022-42432", cwe: { id: "CWE-457", name: "Use of Uninitialized Variable", }, notes: [ { category: "summary", text: "This vulnerability allows local attackers to disclose sensitive information on affected installations of the Linux Kernel 6.0-rc2. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the nft_osf_eval function. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the kernel. Was ZDI-CAN-18540.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-42432", }, { cve: "CVE-2022-42703", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-42703", }, { cve: "CVE-2022-42719", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-42719", }, { cve: "CVE-2022-42720", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-42720", }, { cve: "CVE-2022-42721", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, notes: [ { category: "summary", text: "A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-42721", }, { cve: "CVE-2022-42722", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-42722", }, { cve: "CVE-2022-42895", cwe: { id: "CWE-824", name: "Access of Uninitialized Pointer", }, notes: [ { category: "summary", text: "There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_parse_conf_req function which can be used to leak kernel pointers remotely. We recommend upgrading past commit https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba3157a2e", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-42895", }, { cve: "CVE-2022-42896", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim. We recommend upgrading past commit https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-42896", }, { cve: "CVE-2022-43750", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor's internal memory.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-43750", }, { cve: "CVE-2022-47518", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when copying the list of operating channels from Wi-Fi management frames.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-47518", }, { cve: "CVE-2022-47520", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-47520", }, { cve: "CVE-2022-47929", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with \"tc qdisc\" and \"tc class\" commands. This affects qdisc_graft in net/sched/sch_api.c.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-47929", }, { cve: "CVE-2022-47946", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel 5.10.x before 5.10.155. A use-after-free in io_sqpoll_wait_sq in fs/io_uring.c allows an attacker to crash the kernel, resulting in denial of service. finish_wait can be skipped. An attack can occur in some situations by forking a process and then quickly terminating it. NOTE: later kernel versions, such as the 5.15 longterm series, substantially changed the implementation of io_sqpoll_wait_sq.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-47946", }, { cve: "CVE-2023-0215", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL cms and smime command line applications are similarly affected.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-0215", }, { cve: "CVE-2023-0286", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-0286", }, { cve: "CVE-2023-0464", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, notes: [ { category: "summary", text: "A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems.\r\n\r\nPolicy processing is disabled by default but can be enabled by passing the `-policy` argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()` function.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-0464", }, { cve: "CVE-2023-0465", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, notes: [ { category: "summary", text: "Applications that use a non-default option when verifying certificates may be\r\nvulnerable to an attack from a malicious CA to circumvent certain checks.\r\n\r\nInvalid certificate policies in leaf certificates are silently ignored by\r\nOpenSSL and other certificate policy checks are skipped for that certificate.\r\nA malicious CA could use this to deliberately assert invalid certificate policies\r\nin order to circumvent policy checking on the certificate altogether.\r\n\r\nPolicy processing is disabled by default but can be enabled by passing\r\nthe `-policy` argument to the command line utilities or by calling the\r\n`X509_VERIFY_PARAM_set1_policies()` function.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-0465", }, { cve: "CVE-2023-0466", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, notes: [ { category: "summary", text: "The function X509_VERIFY_PARAM_add0_policy() is documented to\nimplicitly enable the certificate policy check when doing certificate\nverification. However the implementation of the function does not\nenable the check which allows certificates with invalid or incorrect\npolicies to pass the certificate verification.\n\nAs suddenly enabling the policy check could break existing deployments it was\ndecided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy()\nfunction.\n\nInstead the applications that require OpenSSL to perform certificate\npolicy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly\nenable the policy check by calling X509_VERIFY_PARAM_set_flags() with\nthe X509_V_FLAG_POLICY_CHECK flag argument.\n\nCertificate policy checks are disabled by default in OpenSSL and are not\ncommonly used by applications.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-0466", }, { cve: "CVE-2023-0590", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (\"net: sched: fix race condition in qdisc_graft()\") not applied yet, then kernel could be affected.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-0590", }, { cve: "CVE-2023-1077", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "summary", text: "In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-1077", }, { cve: "CVE-2023-1095", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list -- the list head is all zeroes, this results in a NULL pointer dereference.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-1095", }, { cve: "CVE-2023-1206", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-1206", }, { cve: "CVE-2023-2898", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user to cause a denial of service problem.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-2898", }, { cve: "CVE-2023-3141", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-3141", }, { cve: "CVE-2023-3268", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-3268", }, { cve: "CVE-2023-3338", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A null pointer dereference flaw was found in the Linux kernel's DECnet networking protocol. This issue could allow a remote user to crash the system.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-3338", }, { cve: "CVE-2023-3389", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Racing a io_uring cancel poll request with a linked timeout can cause a UAF in a hrtimer.\r\n\r\nWe recommend upgrading past commit `ef7dfac51d8ed961b742218f526bd589f3900a59` \r\n(`4716c73b188566865bdd79c3a6709696a224ac04` for 5.10 stable and \r\n`0e388fce7aec40992eadee654193cad345d62663` for 5.15 stable).", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-3389", }, { cve: "CVE-2023-3446", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, notes: [ { category: "summary", text: "Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus ('p' parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulernable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the '-check' option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-3446", }, { cve: "CVE-2023-3609", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation.\r\n\r\nIf tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-3609", }, { cve: "CVE-2023-3610", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.\r\n\r\nFlaw in the error handling of bound chains causes a use-after-free in the abort path of NFT_MSG_NEWRULE. The vulnerability requires CAP_NET_ADMIN to be triggered.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-3610", }, { cve: "CVE-2023-3611", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\r\n\r\nThe qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-3611", }, { cve: "CVE-2023-3772", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-3772", }, { cve: "CVE-2023-3773", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to cause a 4 byte out-of-bounds read of XFRMA_MTIMER_THRESH when parsing netlink attributes, leading to potential leakage of sensitive heap data to userspace.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-3773", }, { cve: "CVE-2023-3777", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nWhen nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release the objects in certain circumstances.\n\nWe recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-3777", }, { cve: "CVE-2023-4004", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-4004", }, { cve: "CVE-2023-4015", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "The netfilter subsystem in the Linux kernel did not properly handle bound chain deactivation in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-4015", }, { cve: "CVE-2023-4273", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, notes: [ { category: "summary", text: "This vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this vulnerability to overflow the kernel stack.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-4273", }, { cve: "CVE-2023-4623", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation.\n\nIf a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free.\n\nWe recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-4623", }, { cve: "CVE-2023-4911", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, notes: [ { category: "summary", text: "A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-4911", }, { cve: "CVE-2023-4921", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\n\nWhen the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrect .peek handler of sch_plug and lack of error checking in agg_dequeue().\n\nWe recommend upgrading past commit 8fc134fee27f2263988ae38920bc03da416b03d8.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-4921", }, { cve: "CVE-2023-5178", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a malicious local privileged user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation problem.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-5178", }, { cve: "CVE-2023-5197", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.\r\n\r\nAddition and removal of rules from chain bindings within the same transaction causes leads to use-after-free.\r\n\r\nWe recommend upgrading past commit f15f29fd4779be8a418b66e9d52979bb6d6c2325.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-5197", }, { cve: "CVE-2023-5678", cwe: { id: "CWE-754", name: "Improper Check for Unusual or Exceptional Conditions", }, notes: [ { category: "summary", text: "Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn't make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn't check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the \"-pubcheck\" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-5678", }, { cve: "CVE-2023-5717", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation.\r\n\r\nIf perf_read_group() is called while an event's sibling_list is smaller than its child's sibling_list, it can increment or write to memory locations outside of the allocated buffer.\r\n\r\nWe recommend upgrading past commit 32671e3799ca2e4590773fd0e63aaa4229e50c06.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-5717", }, { cve: "CVE-2023-6606", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-6606", }, { cve: "CVE-2023-6931", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escalation.\n\nA perf_event's read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group().\n\nWe recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-6931", }, { cve: "CVE-2023-6932", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation.\n\nA race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread.\n\nWe recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-6932", }, { cve: "CVE-2023-7008", cwe: { id: "CWE-300", name: "Channel Accessible by Non-Endpoint", }, notes: [ { category: "summary", text: "A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-7008", }, { cve: "CVE-2023-7104", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "summary", text: "A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-7104", }, { cve: "CVE-2023-23454", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "summary", text: "cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-23454", }, { cve: "CVE-2023-23455", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "summary", text: "atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-23455", }, { cve: "CVE-2023-23559", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-23559", }, { cve: "CVE-2023-26607", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-26607", }, { cve: "CVE-2023-31085", cwe: { id: "CWE-369", name: "Divide By Zero", }, notes: [ { category: "summary", text: "An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize), used indirectly by ctrl_cdev_ioctl, when mtd->erasesize is 0.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-31085", }, { cve: "CVE-2023-31436", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-31436", }, { cve: "CVE-2023-32233", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-32233", }, { cve: "CVE-2023-35001", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-35001", }, { cve: "CVE-2023-35827", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 6.3.8. A use-after-free was found in ravb_remove in drivers/net/ethernet/renesas/ravb_main.c.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-35827", }, { cve: "CVE-2023-36660", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-36660", }, { cve: "CVE-2023-37453", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in drivers/usb/core/sysfs.c.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-37453", }, { cve: "CVE-2023-39189", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-39189", }, { cve: "CVE-2023-39192", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a crash or information disclosure.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-39192", }, { cve: "CVE-2023-39193", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-39193", }, { cve: "CVE-2023-39194", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, potentially leading to an information disclosure.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 3.2, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-39194", }, { cve: "CVE-2023-42753", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-42753", }, { cve: "CVE-2023-42754", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-42754", }, { cve: "CVE-2023-42755", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-42755", }, { cve: "CVE-2023-45863", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-45863", }, { cve: "CVE-2023-45871", cwe: { id: "CWE-120", name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, notes: [ { category: "summary", text: "An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-45871", }, { cve: "CVE-2023-48795", cwe: { id: "CWE-222", name: "Truncation of Security-relevant Information", }, notes: [ { category: "summary", text: "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust; and there could be effects on Bitvise SSH through 9.31.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-48795", }, { cve: "CVE-2023-50495", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-50495", }, { cve: "CVE-2023-51384", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-51384", }, { cve: "CVE-2023-51385", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "summary", text: "In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-51385", }, { cve: "CVE-2023-51767", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-51767", }, { cve: "CVE-2024-0232", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2024-0232", }, { cve: "CVE-2024-0553", cwe: { id: "CWE-203", name: "Observable Discrepancy", }, notes: [ { category: "summary", text: "A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2024-0553", }, { cve: "CVE-2024-0567", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, notes: [ { category: "summary", text: "A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2024-0567", }, { cve: "CVE-2024-0584", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free issue was found in igmp_start_timer in net/ipv4/igmp.c in the network sub-component in the Linux Kernel. This flaw allows a local user to observe a refcnt use-after-free issue when receiving an igmp query packet, leading to a kernel information leak.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2024-0584", }, { cve: "CVE-2024-0684", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "summary", text: "A flaw was found in the GNU coreutils \"split\" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split() function, potentially leading to an application crash and denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2024-0684", }, { cve: "CVE-2024-22365", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2024-22365", }, { cve: "CVE-2024-25062", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Update to V1.1 or later version", product_ids: [ "1", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109827684/", }, { category: "workaround", details: "Only build and run applications from trusted sources", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2024-25062", }, ], }
suse-su-2023:0146-1
Vulnerability from csaf_suse
Published
2023-01-26 08:17
Modified
2023-01-26 08:17
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2022-3344: Fixed a flaw found in the KVM's AMD nested virtualization (SVM). A malicious L1 guest could purposely fail to intercept the shutdown of a cooperative nested guest (L2), possibly leading to a page fault and kernel panic in the host (L0). (bsc#1204652)
- CVE-2022-4662: Fixed a recursive locking violation in usb-storage that can cause the kernel to deadlock. (bsc#1206664)
- CVE-2022-3115: Fixed a null pointer dereference in malidp_crtc.c caused by a lack of checks of the return value of kzalloc. (bsc#1206393)
- CVE-2022-47520: Fixed an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet. (bsc#1206515)
- CVE-2022-3112: Fixed a null pointer dereference caused by a missing check of the return value of kzalloc() in vdec_helpers.c:amvdec_set_canvases. (bsc#1206399)
- CVE-2022-3564: Fixed a bug which could lead to use after free, it was found in the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. (bsc#1206073)
- CVE-2022-4379: Fixed a use-after-free vulnerability in nfs4file.c:__nfs42_ssc_open. (bsc#1206209)
- CVE-2022-3108: Fixed a bug in kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c where a lack of check of the return value of kmemdup() could lead to a NULL pointer dereference. (bsc#1206389)
- CVE-2022-3104: Fixed a null pointer dereference caused by caused by a missing check of the return value of kzalloc() in bugs.c:lkdtm_ARRAY_BOUNDS. (bsc#1206396)
- CVE-2022-3113: Fixed a null pointer dereference caused by a missing check of the return value of devm_kzalloc. (bsc#1206390)
- CVE-2022-3107: Fixed a null pointer dereference caused by a missing check of the return value of kvmalloc_array. (bsc#1206395)
- CVE-2022-3114: Fixed a null pointer dereference caused by a missing check of the return value of kcalloc. (bsc#1206391)
- CVE-2022-3111: Fixed a missing release of resource after effective lifetime bug caused by a missing free of the WM8350_IRQ_CHG_FAST_RDY in wm8350_init_charger. (bsc#1206394)
- CVE-2022-3105: Fixed a null pointer dereference caused by a missing check of the return value of kmalloc_array. (bsc#1206398)
- CVE-2022-3106: Fixed a null pointer dereference caused by a missing check of the return value of kmalloc. (bsc#1206397)
The following non-security bugs were fixed:
- acct: fix potential integer overflow in encode_comp_t() (git-fixes).
- ACPI: resource: Skip IRQ override on Asus Vivobook K3402ZA/K3502ZA (git-fixes).
- ACPICA: Fix error code path in acpi_ds_call_control_method() (git-fixes).
- ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage() (git-fixes).
- ALSA: asihpi: fix missing pci_disable_device() (git-fixes).
- ALSA: hda/hdmi: Add HP Device 0x8711 to force connect list (git-fixes).
- ALSA: hda/realtek: Add quirk for Lenovo TianYi510Pro-14IOB (git-fixes).
- ALSA: hda/realtek: Apply dual codec fixup for Dell Latitude laptops (git-fixes).
- ALSA: line6: correct midi status byte when receiving data from podxt (git-fixes).
- ALSA: line6: fix stack overflow in line6_midi_transmit (git-fixes).
- ALSA: mts64: fix possible null-ptr-defer in snd_mts64_interrupt (git-fixes).
- ALSA: patch_realtek: Fix Dell Inspiron Plus 16 (git-fixes).
- ALSA: pcm: fix undefined behavior in bit shift for SNDRV_PCM_RATE_KNOT (git-fixes).
- ALSA: pcm: Set missing stop_operating flag at undoing trigger start (git-fixes).
- ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event (git-fixes).
- ALSA: seq: fix undefined behavior in bit shift for SNDRV_SEQ_FILTER_USE_EVENT (git-fixes).
- ALSA: usb-audio: add the quirk for KT0206 device (git-fixes).
- amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table() (git-fixes).
- apparmor: fix a memleak in multi_transaction_new() (git-fixes).
- apparmor: Fix abi check to include v8 abi (git-fixes).
- apparmor: fix lockdep warning when removing a namespace (git-fixes).
- apparmor: Fix memleak in alloc_ns() (git-fixes).
- apparmor: Use pointer to struct aa_label for lbs_cred (git-fixes).
- ARM: 9251/1: perf: Fix stacktraces for tracepoint events in THUMB2 kernels (git-fixes).
- ARM: 9256/1: NWFPE: avoid compiler-generated __aeabi_uldivmod (git-fixes).
- ARM: dts: armada-370: Fix assigned-addresses for every PCIe Root Port (git-fixes).
- ARM: dts: armada-375: Fix assigned-addresses for every PCIe Root Port (git-fixes).
- ARM: dts: armada-38x: Fix assigned-addresses for every PCIe Root Port (git-fixes).
- ARM: dts: armada-38x: Fix compatible string for gpios (git-fixes).
- ARM: dts: armada-39x: Fix assigned-addresses for every PCIe Root Port (git-fixes).
- ARM: dts: armada-39x: Fix compatible string for gpios (git-fixes).
- ARM: dts: armada-xp: Fix assigned-addresses for every PCIe Root Port (git-fixes).
- ARM: dts: dove: Fix assigned-addresses for every PCIe Root Port (git-fixes).
- ARM: dts: nuvoton: Remove bogus unit addresses from fixed-partition nodes (git-fixes).
- ARM: dts: qcom: apq8064: fix coresight compatible (git-fixes).
- ARM: dts: rockchip: disable arm_global_timer on rk3066 and rk3188 (git-fixes).
- ARM: dts: rockchip: fix ir-receiver node names (git-fixes).
- ARM: dts: rockchip: fix node name for hym8563 rtc (git-fixes).
- ARM: dts: rockchip: remove clock-frequency from rtc (git-fixes).
- ARM: dts: rockchip: rk3188: fix lcdc1-rgb24 node name (git-fixes).
- ARM: dts: spear600: Fix clcd interrupt (git-fixes).
- ARM: dts: stm32: Drop stm32mp15xc.dtsi from Avenger96 (git-fixes).
- ARM: dts: stm32: Fix AV96 WLAN regulator gpio property (git-fixes).
- ARM: dts: turris-omnia: Add ethernet aliases (git-fixes).
- ARM: dts: turris-omnia: Add switch port 6 node (git-fixes).
- ARM: mmp: fix timer_read delay (git-fixes).
- ARM: ux500: do not directly dereference __iomem (git-fixes).
- arm64: Avoid repeated AA64MMFR1_EL1 register read on pagefault path (performance bsc#1203219).
- arm64: dts: armada-3720-turris-mox: Add missing interrupt for RTC (git-fixes).
- arm64: dts: mediatek: mt6797: Fix 26M oscillator unit name (git-fixes).
- arm64: dts: mediatek: pumpkin-common: Fix devicetree warnings (git-fixes).
- arm64: dts: mt2712-evb: Fix usb vbus regulators unit names (git-fixes).
- arm64: dts: mt2712-evb: Fix vproc fixed regulators unit names (git-fixes).
- arm64: dts: mt2712e: Fix unit address for pinctrl node (git-fixes).
- arm64: dts: mt2712e: Fix unit_address_vs_reg warning for oscillators (git-fixes).
- arm64: dts: mt6779: Fix devicetree build warnings (git-fixes).
- arm64: dts: mt7622: drop r_smpl property from mmc node (git-fixes).
- arm64: dts: mt8183: drop drv-type from mmc-node (git-fixes).
- arm64: dts: mt8183: Fix Mali GPU clock (git-fixes).
- arm64: dts: qcom: ipq6018-cp01-c1: use BLSPI1 pins (git-fixes).
- arm64: dts: qcom: msm8916: Drop MSS fallback compatible (git-fixes).
- arm64: dts: qcom: msm8996: Add MSM8996 Pro support (git-fixes).
- arm64: dts: qcom: msm8996: fix GPU OPP table (git-fixes).
- arm64: dts: qcom: msm8996: fix supported-hw in cpufreq OPP tables (git-fixes).
- arm64: dts: qcom: sdm630: fix UART1 pin bias (git-fixes).
- arm64: dts: qcom: sdm845-cheza: fix AP suspend pin bias (git-fixes).
- arm64: dts: qcom: sdm845-db845c: correct SPI2 pins drive strength (git-fixes).
- arm64: dts: qcom: sdm850-lenovo-yoga-c630: correct I2C12 pins drive strength (git-fixes).
- arm64: dts: qcom: sm8250-sony-xperia-edo: fix touchscreen bias-disable (git-fixes).
- arm64: dts: qcom: sm8250: correct LPASS pin pull down (git-fixes).
- arm64: dts: qcom: sm8250: drop bogus DP PHY clock (git-fixes).
- arm64: dts: qcom: sm8250: fix USB-DP PHY registers (git-fixes).
- arm64: dts: rockchip: fix ir-receiver node names (git-fixes).
- arm64: dts: rockchip: keep I2S1 disabled for GPIO function on ROCK Pi 4 series (git-fixes).
- arm64: dts: ti: k3-am65-main: Drop dma-coherent in crypto node (git-fixes).
- arm64: dts: ti: k3-j721e-main: Drop dma-coherent in crypto node (git-fixes).
- ASoC: audio-graph-card: fix refcount leak of cpu_ep in __graph_for_each_link() (git-fixes).
- ASoC: codecs: rt298: Add quirk for KBL-R RVP platform (git-fixes).
- ASoC: cs42l51: Correct PGA Volume minimum value (git-fixes).
- ASoC: dt-bindings: wcd9335: fix reset line polarity in example (git-fixes).
- ASoC: fsl_micfil: explicitly clear CHnF flags (git-fixes).
- ASoC: fsl_micfil: explicitly clear software reset bit (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add quirk for the Advantech MICA-071 tablet (git-fixes).
- ASoC: jz4740-i2s: Handle independent FIFO flush bits (git-fixes).
- ASoC: mediatek: mt8173-rt5650-rt5514: fix refcount leak in mt8173_rt5650_rt5514_dev_probe() (git-fixes).
- ASoC: mediatek: mt8173: Enable IRQ when pdata is ready (git-fixes).
- ASoC: mediatek: mt8183: fix refcount leak in mt8183_mt6358_ts3a227_max98357_dev_probe() (git-fixes).
- ASoC: mediatek: mtk-btcvsd: Add checks for write and read of mtk_btcvsd_snd (git-fixes).
- ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx() (git-fixes).
- ASoC: ops: Correct bounds check for second channel on SX controls (git-fixes).
- ASoC: pcm512x: Fix PM disable depth imbalance in pcm512x_probe (git-fixes).
- ASoC: pxa: fix null-pointer dereference in filter() (git-fixes).
- ASoC: qcom: Add checks for devm_kcalloc (git-fixes).
- ASoC: rockchip: pdm: Add missing clk_disable_unprepare() in rockchip_pdm_runtime_resume() (git-fixes).
- ASoC: rockchip: spdif: Add missing clk_disable_unprepare() in rk_spdif_runtime_resume() (git-fixes).
- ASoC: rt5670: Remove unbalanced pm_runtime_put() (git-fixes).
- ASoC: rt711-sdca: fix the latency time of clock stop prepare state machine transitions (git-fixes).
- ASoC: soc-pcm: Add NULL check in BE reparenting (git-fixes).
- ASoC: wm8962: Wait for updated value of WM8962_CLOCKING1 register (git-fixes).
- ASoC: wm8994: Fix potential deadlock (git-fixes).
- ata: ahci: Fix PCS quirk application for suspend (git-fixes).
- binfmt_elf: fix documented return value for load_elf_phdrs() (git-fixes).
- binfmt_misc: fix shift-out-of-bounds in check_special_flags (git-fixes).
- binfmt: Fix error return code in load_elf_fdpic_binary() (git-fixes).
- block: Do not reread partition table on exclusively open device (bsc#1190969).
- Bluetooth: btintel: Fix missing free skb in btintel_setup_combined() (git-fixes).
- Bluetooth: btusb: Add debug message for CSR controllers (git-fixes).
- Bluetooth: btusb: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).
- Bluetooth: hci_bcsp: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).
- Bluetooth: hci_core: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).
- Bluetooth: hci_h5: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).
- Bluetooth: hci_ll: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).
- Bluetooth: hci_qca: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).
- Bluetooth: MGMT: Fix error report for ADD_EXT_ADV_PARAMS (git-fixes).
- Bluetooth: RFCOMM: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).
- brcmfmac: return error when getting invalid max_flowrings from dongle (git-fixes).
- caif: fix memory leak in cfctrl_linkup_request() (git-fixes).
- can: do not increase rx statistics when generating a CAN rx error message frame (git-fixes).
- can: do not increase rx_bytes statistics for RTR frames (git-fixes).
- can: kvaser_usb_leaf: Fix bogus restart events (git-fixes).
- can: kvaser_usb_leaf: Fix wrong CAN state after stopping (git-fixes).
- can: kvaser_usb_leaf: Set Warning state even without bus errors (git-fixes).
- can: kvaser_usb: do not increase tx statistics when sending error message frames (git-fixes).
- can: kvaser_usb: kvaser_usb_leaf: fix bittiming limits (git-fixes).
- can: kvaser_usb: make use of units.h in assignment of frequency (git-fixes).
- can: m_can: fix typo prescalar -> prescaler (git-fixes).
- can: m_can: is_lec_err(): clean up LEC error handling (git-fixes).
- can: mcba_usb: Fix termination command argument (git-fixes).
- can: sja1000: fix size of OCR_MODE_MASK define (git-fixes).
- can: tcan4x5x: Remove invalid write in clear_interrupts (git-fixes).
- chardev: fix error handling in cdev_device_add() (git-fixes).
- cifs: Add 'extbuf' and 'extbuflen' args to smb2_compound_op() (bsc#1193629).
- cifs: do not block in dfs_cache_noreq_update_tgthint() (bsc#1193629).
- cifs: do not leak -ENOMEM in smb2_open_file() (bsc#1193629).
- cifs: do not refresh cached referrals from unactive mounts (bsc#1193629).
- cifs: fix confusing debug message (bsc#1193629).
- cifs: Fix kmap_local_page() unmapping (git-fixes).
- cifs: fix missing display of three mount options (bsc#1193629).
- cifs: fix oops during encryption (bsc#1199294).
- cifs: fix refresh of cached referrals (bsc#1193629).
- cifs: fix source pathname comparison of dfs supers (bsc#1193629).
- cifs: fix various whitespace errors in headers (bsc#1193629).
- cifs: get rid of mount options string parsing (bsc#1193629).
- cifs: minor cleanup of some headers (bsc#1193629).
- cifs: optimize reconnect of nested links (bsc#1193629).
- cifs: Parse owner/group for stat in smb311 posix extensions (bsc#1193629).
- cifs: print warning when conflicting soft vs. hard mount options specified (bsc#1193629).
- cifs: reduce roundtrips on create/qinfo requests (bsc#1193629).
- cifs: refresh root referrals (bsc#1193629).
- cifs: Remove duplicated include in cifsglob.h (bsc#1193629).
- cifs: remove unused smb3_fs_context::mount_options (bsc#1193629).
- cifs: set correct ipc status after initial tree connect (bsc#1193629).
- cifs: set correct status of tcon ipc when reconnecting (bsc#1193629).
- cifs: set correct tcon status after initial tree connect (bsc#1193629).
- cifs: set resolved ip in sockaddr (bsc#1193629).
- cifs: share dfs connections and supers (bsc#1193629).
- cifs: skip alloc when request has no pages (bsc#1193629).
- cifs: split out ses and tcon retrieval from mount_get_conns() (bsc#1193629).
- cifs: update internal module number (bsc#1193629).
- cifs: use fs_context for automounts (bsc#1193629).
- cifs: use origin fullpath for automounts (bsc#1193629).
- class: fix possible memory leak in __class_register() (git-fixes).
- clk: Fix pointer casting to prevent oops in devm_clk_release() (git-fixes).
- clk: generalize devm_clk_get() a bit (git-fixes).
- clk: imx: imx8mp: add shared clk gate for usb suspend clk (git-fixes).
- clk: imx: replace osc_hdmi with dummy (git-fixes).
- clk: nomadik: correct struct name kernel-doc warning (git-fixes).
- clk: Provide new devm_clk helpers for prepared and enabled clocks (git-fixes).
- clk: qcom: clk-krait: fix wrong div2 functions (git-fixes).
- clk: qcom: gcc-sm8250: Use retention mode for USB GDSCs (git-fixes).
- clk: qcom: lpass-sc7180: Fix pm_runtime usage (git-fixes).
- clk: renesas: r9a06g032: Repair grave increment error (git-fixes).
- clk: rockchip: Fix memory leak in rockchip_clk_register_pll() (git-fixes).
- clk: samsung: Fix memory leak in _samsung_clk_register_pll() (git-fixes).
- clk: socfpga: Fix memory leak in socfpga_gate_init() (git-fixes).
- clk: st: Fix memory leak in st_of_quadfs_setup() (git-fixes).
- clk: sunxi-ng: v3s: Correct the header guard of ccu-sun8i-v3s.h (git-fixes).
- clocksource/drivers/sh_cmt: Access registers according to spec (git-fixes).
- clocksource/drivers/timer-ti-dm: Fix missing clk_disable_unprepare in dmtimer_systimer_init_clock() (git-fixes).
- cpufreq: ACPI: Defer setting boost MSRs (bsc#1205485).
- cpufreq: ACPI: Only set boost MSRs on supported CPUs (bsc#1205485).
- cpufreq: ACPI: Remove unused variables 'acpi_cpufreq_online' and 'ret' (bsc#1205485).
- cpufreq: intel_pstate: Add Sapphire Rapids support in no-HWP mode (bsc#1201068).
- crypto: ccree - Make cc_debugfs_global_fini() available for module init function (git-fixes).
- crypto: ccree - Remove debugfs when platform_driver_register failed (git-fixes).
- crypto: cryptd - Use request context instead of stack for sub-request (git-fixes).
- crypto: hisilicon/qm - fix missing destroy qp_idr (git-fixes).
- crypto: img-hash - Fix variable dereferenced before check 'hdev->req' (git-fixes).
- crypto: n2 - add missing hash statesize (git-fixes).
- crypto: nitrox - avoid double free on error path in nitrox_sriov_init() (git-fixes).
- crypto: omap-sham - Use pm_runtime_resume_and_get() in omap_sham_probe() (git-fixes).
- crypto: rockchip - add fallback for ahash (git-fixes).
- crypto: rockchip - add fallback for cipher (git-fixes).
- crypto: rockchip - better handle cipher key (git-fixes).
- crypto: rockchip - do not do custom power management (git-fixes).
- crypto: rockchip - do not store mode globally (git-fixes).
- crypto: rockchip - remove non-aligned handling (git-fixes).
- crypto: rockchip - rework by using crypto_engine (git-fixes).
- crypto: sun8i-ss - use dma_addr instead u32 (git-fixes).
- crypto: tcrypt - Fix multibuffer skcipher speed test mem leak (git-fixes).
- device property: Fix documentation for fwnode_get_next_parent() (git-fixes).
- dmaengine: idxd: Fix crc_val field for completion record (git-fixes).
- docs/zh_CN: Fix '.. only::' directive's expression (git-fixes).
- Documentation: bonding: update miimon default to 100 (git-fixes).
- Documentation: devres: add missing devm_acpi_dma_controller_free() helper (git-fixes).
- Documentation: devres: add missing MEM helper (git-fixes).
- Documentation: devres: add missing PHY helpers (git-fixes).
- Documentation: devres: add missing PWM helper (git-fixes).
- Documentation/features-refresh.sh: Only sed the beginning 'arch' of ARCH_DIR (git-fixes).
- drbd: destroy workqueue when drbd device was freed (git-fixes).
- drbd: remove call to memset before free device/resource/connection (git-fixes).
- drbd: remove usage of list iterator variable after loop (git-fixes).
- drbd: set QUEUE_FLAG_STABLE_WRITES (git-fixes).
- drbd: use after free in drbd_create_device() (git-fixes).
- driver core: Fix bus_type.match() error handling in __driver_attach() (git-fixes).
- drivers: dio: fix possible memory leak in dio_init() (git-fixes).
- drivers: soc: ti: knav_qmss_queue: Mark knav_acc_firmwares as static (git-fixes).
- drm: bridge: dw_hdmi: fix preference of RGB modes over YUV420 (git-fixes).
- drm/amd/display: fix array index out of bound error in bios parser (git-fixes).
- drm/amd/display: Manually adjust strobe for DCN303 (git-fixes).
- drm/amd/display: prevent memory leak (git-fixes).
- drm/amd/display: Use the largest vready_offset in pipe group (git-fixes).
- drm/amd/pm/smu11: BACO is supported when it's in BACO state (git-fixes).
- drm/amdgpu: fix pci device refcount leak (git-fixes).
- drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios() (git-fixes).
- drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback (git-fixes).
- drm/amdgpu: Fix type of second parameter in trans_msg() callback (git-fixes).
- drm/amdgpu: handle polaris10/11 overlap asics (v2) (git-fixes).
- drm/amdgpu: make display pinning more flexible (v2) (git-fixes).
- drm/amdgpu/powerplay/psm: Fix memory leak in power state init (git-fixes).
- drm/amdgpu/sdma_v4_0: turn off SDMA ring buffer in the s2idle suspend (git-fixes).
- drm/amdkfd: Fix memory leakage (git-fixes).
- drm/bridge: adv7533: remove dynamic lane switching from adv7533 bridge (git-fixes).
- drm/bridge: anx7625: Fix edid_read break case in sp_tx_edid_read() (git-fixes).
- drm/bridge: ti-sn65dsi86: Fix output polarity setting bug (git-fixes).
- drm/connector: send hotplug uevent on connector cleanup (git-fixes).
- drm/edid: Fix minimum bpc supported with DSC1.2 for HDMI sink (git-fixes).
- drm/etnaviv: add missing quirks for GC300 (git-fixes).
- drm/etnaviv: do not truncate physical page address (git-fixes).
- drm/fourcc: Add packed 10bit YUV 4:2:0 format (git-fixes).
- drm/fourcc: Fix vsub/hsub for Q410 and Q401 (git-fixes).
- drm/fsl-dcu: Fix return type of fsl_dcu_drm_connector_mode_valid() (git-fixes).
- drm/i915: Fix documentation for intel_uncore_forcewake_put__locked (git-fixes).
- drm/i915: remove circ_buf.h includes (git-fixes).
- drm/i915: unpin on error in intel_vgpu_shadow_mm_pin() (git-fixes).
- drm/i915/display: Do not disable DDI/Transcoder when setting phy test pattern (git-fixes).
- drm/i915/dsi: fix VBT send packet port selection for dual link DSI (git-fixes).
- drm/i915/gvt: fix gvt debugfs destroy (git-fixes).
- drm/i915/gvt: fix vgpu debugfs clean in remove (git-fixes).
- drm/i915/migrate: do not check the scratch page (git-fixes).
- drm/i915/migrate: fix length calculation (git-fixes).
- drm/i915/migrate: fix offset calculation (git-fixes).
- drm/i915/ttm: never purge busy objects (git-fixes).
- drm/imx: ipuv3-plane: Fix overlay plane width (git-fixes).
- drm/ingenic: Fix missing platform_driver_unregister() call in ingenic_drm_init() (git-fixes).
- drm/mediatek: Fix return type of mtk_hdmi_bridge_mode_valid() (git-fixes).
- drm/mediatek: Modify dpi power on/off sequence (git-fixes).
- drm/meson: Reduce the FIFO lines held when AFBC is not used (git-fixes).
- drm/msm: Use drm_mode_copy() (git-fixes).
- drm/panel/panel-sitronix-st7701: Remove panel on DSI attach failure (git-fixes).
- drm/panfrost: Fix GEM handle creation ref-counting (git-fixes).
- drm/radeon: Add the missed acpi_put_table() to fix memory leak (git-fixes).
- drm/radeon: Fix PCI device refcount leak in radeon_atrm_get_bios() (git-fixes).
- drm/rockchip: lvds: fix PM usage counter unbalance in poweron (git-fixes).
- drm/rockchip: Use drm_mode_copy() (git-fixes).
- drm/shmem-helper: Avoid vm_open error paths (git-fixes).
- drm/shmem-helper: Remove errant put in error path (git-fixes).
- drm/sti: Fix return type of sti_{dvo,hda,hdmi}_connector_mode_valid() (git-fixes).
- drm/sti: Use drm_mode_copy() (git-fixes).
- drm/tegra: Add missing clk_disable_unprepare() in tegra_dc_probe() (git-fixes).
- drm/vmwgfx: Do not use screen objects when SEV is active (git-fixes).
- drm/vmwgfx: Fix a sparse warning in kernel docs (git-fixes).
- drm/vmwgfx: Validate the box size for the snooped cursor (git-fixes).
- Drop FIPS mode DRBG->getrandom(2) wire-up (bsc#1191259)
- dt-bindings: clock: qcom,aoncc-sm8250: fix compatible (git-fixes).
- dt-bindings: clocks: imx8mp: Add ID for usb suspend clock (git-fixes).
- dt-bindings: display: sun6i-dsi: Fix clock conditional (git-fixes).
- dt-bindings: gpio: gpio-davinci: Increase maxItems in gpio-line-names (git-fixes).
- dt-bindings: net: sun8i-emac: Add phy-supply property (git-fixes).
- EDAC/mc_sysfs: Increase legacy channel support to 12 (bsc#1205263).
- efi: Add iMac Pro 2017 to uefi skip cert quirk (git-fixes).
- ext4: avoid BUG_ON when creating xattrs (bsc#1205496).
- extcon: usbc-tusb320: Add support for mode setting and reset (git-fixes).
- extcon: usbc-tusb320: Add support for TUSB320L (git-fixes).
- extcon: usbc-tusb320: Factor out extcon into dedicated functions (git-fixes).
- fbcon: Use kzalloc() in fbcon_prepare_logo() (git-fixes).
- fbdev: fbcon: release buffer when fbcon_do_set_font() failed (git-fixes).
- fbdev: geode: do not build on UML (git-fixes).
- fbdev: matroxfb: G200eW: Increase max memory from 1 MB to 16 MB (git-fixes).
- fbdev: pm2fb: fix missing pci_disable_device() (git-fixes).
- fbdev: ssd1307fb: Drop optional dependency (git-fixes).
- fbdev: uvesafb: do not build on UML (git-fixes).
- fbdev: uvesafb: Fixes an error handling path in uvesafb_probe() (git-fixes).
- fbdev: vermilion: decrease reference count in error path (git-fixes).
- fbdev: via: Fix error in via_core_init() (git-fixes).
- firmware: raspberrypi: fix possible memory leak in rpi_firmware_probe() (git-fixes).
- floppy: Fix memory leak in do_floppy_init() (git-fixes).
- gpio: sifive: Fix refcount leak in sifive_gpio_probe (git-fixes).
- gpiolib: cdev: fix NULL-pointer dereferences (git-fixes).
- gpiolib: check the 'ngpios' property in core gpiolib code (git-fixes).
- gpiolib: fix memory leak in gpiochip_setup_dev() (git-fixes).
- gpiolib: Get rid of redundant 'else' (git-fixes).
- gpiolib: improve coding style for local variables (git-fixes).
- gpiolib: make struct comments into real kernel docs (git-fixes).
- hamradio: baycom_epp: Fix return type of baycom_send_packet() (git-fixes).
- hamradio: do not call dev_kfree_skb() under spin_lock_irqsave() (git-fixes).
- HID: hid-sensor-custom: set fixed size for custom attributes (git-fixes).
- HID: ite: Enable QUIRK_TOUCHPAD_ON_OFF_REPORT on Acer Aspire Switch V 10 (git-fixes).
- HID: mcp2221: do not connect hidraw (git-fixes).
- HID: multitouch: fix Asus ExpertBook P2 P2451FA trackpoint (git-fixes).
- HID: plantronics: Additional PIDs for double volume key presses quirk (git-fixes).
- HID: uclogic: Add HID_QUIRK_HIDINPUT_FORCE quirk (git-fixes).
- HID: usbhid: Add ALWAYS_POLL quirk for some mice (git-fixes).
- HID: wacom: Ensure bootloader PID is usable in hidraw mode (git-fixes).
- HSI: omap_ssi_core: Fix error handling in ssi_init() (git-fixes).
- HSI: omap_ssi_core: fix possible memory leak in ssi_probe() (git-fixes).
- HSI: omap_ssi_core: fix unbalanced pm_runtime_disable() (git-fixes).
- hwmon: (jc42) Convert register access and caching to regmap/regcache (git-fixes).
- hwmon: (jc42) Fix missing unlock on error in jc42_write() (git-fixes).
- hwmon: (jc42) Restore the min/max/critical temperatures on resume (git-fixes).
- hwrng: amd - Fix PCI device refcount leak (git-fixes).
- i2c: ismt: Fix an out-of-bounds bug in ismt_access() (git-fixes).
- i2c: mux: reg: check return value after calling platform_get_resource() (git-fixes).
- i2c: pxa-pci: fix missing pci_disable_device() on error in ce4100_i2c_probe (git-fixes).
- IB/IPoIB: Fix queue count inconsistency for PKEY child interfaces (git-fixes)
- ibmveth: Always stop tx queues during close (bsc#1065729).
- iio: adc: ad_sigma_delta: do not use internal iio_dev lock (git-fixes).
- iio: adc128s052: add proper .data members in adc128_of_match table (git-fixes).
- iio: fix memory leak in iio_device_register_eventset() (git-fixes).
- iio: temperature: ltc2983: make bulk write buffer DMA-safe (git-fixes).
- ima: Fix a potential NULL pointer access in ima_restore_measurement_list (git-fixes).
- Input: elants_i2c - properly handle the reset GPIO when power is off (git-fixes).
- Input: joystick - fix Kconfig warning for JOYSTICK_ADC (git-fixes).
- Input: wistron_btns - disable on UML (git-fixes).
- integrity: Fix memory leakage in keyring allocation error path (git-fixes).
- ipmi: fix long wait in unload when IPMI disconnect (git-fixes).
- ipmi: fix memleak when unload ipmi driver (git-fixes).
- ipmi: fix use after free in _ipmi_destroy_user() (git-fixes).
- ipmi: kcs: Poll OBF briefly to reduce OBE latency (git-fixes).
- ipu3-imgu: Fix NULL pointer dereference in imgu_subdev_set_selection() (git-fixes).
- kABI: reintroduce a non-inline usleep_range (git-fixes).
- lib/debugobjects: fix stat count and optimize debug_objects_mem_init (git-fixes).
- lib/fonts: fix undefined behavior in bit shift for get_default_font (git-fixes).
- mailbox: arm_mhuv2: Fix return value check in mhuv2_probe() (git-fixes).
- mailbox: mpfs: read the system controller's status (git-fixes).
- mailbox: zynq-ipi: fix error handling while device_register() fails (git-fixes).
- media: adv748x: afe: Select input port when initializing AFE (git-fixes).
- media: camss: Clean up received buffers on failed start of streaming (git-fixes).
- media: dvb-core: Fix double free in dvb_register_device() (git-fixes).
- media: dvb-core: Fix ignored return value in dvb_register_frontend() (git-fixes).
- media: dvb-frontends: fix leak of memory fw (git-fixes).
- media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() (git-fixes).
- media: dvb-usb: fix memory leak in dvb_usb_adapter_init() (git-fixes).
- media: i2c: ad5820: Fix error path (git-fixes).
- media: imon: fix a race condition in send_packet() (git-fixes).
- media: saa7164: fix missing pci_disable_device() (git-fixes).
- media: si470x: Fix use-after-free in si470x_int_in_callback() (git-fixes).
- media: solo6x10: fix possible memory leak in solo_sysfs_init() (git-fixes).
- media: stv0288: use explicitly signed char (git-fixes).
- media: v4l2-ctrls: Fix off-by-one error in integer menu control check (git-fixes).
- media: v4l2-dv-timings.c: fix too strict blanking sanity checks (git-fixes).
- media: videobuf-dma-contig: use dma_mmap_coherent (git-fixes).
- media: vidtv: Fix use-after-free in vidtv_bridge_dvb_init() (git-fixes).
- media: vimc: Fix wrong function called when vimc_init() fails (git-fixes).
- media: vivid: fix compose size exceed boundary (git-fixes).
- memcg, kmem: further deprecate kmem.limit_in_bytes (bsc#1206896).
- memcg: Fix possible use-after-free in memcg_write_event_control() (bsc#1206344).
- mfd: bd957x: Fix Kconfig dependency on REGMAP_IRQ (git-fixes).
- mfd: mt6360: Add bounds checking in Regmap read/write call-backs (git-fixes).
- mfd: pm8008: Fix return value check in pm8008_probe() (git-fixes).
- mfd: pm8008: Remove driver data structure pm8008_data (git-fixes).
- mfd: qcom_rpm: Fix an error handling path in qcom_rpm_probe() (git-fixes).
- mfd: qcom_rpm: Use devm_of_platform_populate() to simplify code (git-fixes).
- misc: ocxl: fix possible name leak in ocxl_file_register_afu() (git-fixes).
- misc: tifm: fix possible memory leak in tifm_7xx1_switch_media() (git-fixes).
- mISDN: hfcmulti: do not call dev_kfree_skb/kfree_skb() under spin_lock_irqsave() (git-fixes).
- mISDN: hfcpci: do not call dev_kfree_skb/kfree_skb() under spin_lock_irqsave() (git-fixes).
- mISDN: hfcsusb: do not call dev_kfree_skb/kfree_skb() under spin_lock_irqsave() (git-fixes).
- mm: fix race between MADV_FREE reclaim and blkdev direct IO read (bsc#1204989,bsc#1205601).
- mm/mempolicy: fix memory leak in set_mempolicy_home_node system call (bsc#1206468).
- mmc: alcor: fix return value check of mmc_add_host() (git-fixes).
- mmc: atmel-mci: fix return value check of mmc_add_host() (git-fixes).
- mmc: core: Normalize the error handling branch in sd_read_ext_regs() (git-fixes).
- mmc: f-sdh30: Add quirks for broken timeout clock capability (git-fixes).
- mmc: meson-gx: fix return value check of mmc_add_host() (git-fixes).
- mmc: mmci: fix return value check of mmc_add_host() (git-fixes).
- mmc: moxart: fix return value check of mmc_add_host() (git-fixes).
- mmc: mtk-sd: Fix missing clk_disable_unprepare in msdc_of_clock_parse() (git-fixes).
- mmc: mxcmmc: fix return value check of mmc_add_host() (git-fixes).
- mmc: omap_hsmmc: fix return value check of mmc_add_host() (git-fixes).
- mmc: pxamci: fix return value check of mmc_add_host() (git-fixes).
- mmc: renesas_sdhi: alway populate SCC pointer (git-fixes).
- mmc: renesas_sdhi: better reset from HS400 mode (git-fixes).
- mmc: rtsx_pci: fix return value check of mmc_add_host() (git-fixes).
- mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host() (git-fixes).
- mmc: sdhci-sprd: Disable CLK_AUTO when the clock is less than 400K (git-fixes).
- mmc: toshsd: fix return value check of mmc_add_host() (git-fixes).
- mmc: via-sdmmc: fix return value check of mmc_add_host() (git-fixes).
- mmc: vub300: fix return value check of mmc_add_host() (git-fixes).
- mmc: vub300: fix warning - do not call blocking ops when !TASK_RUNNING (git-fixes).
- mmc: wbsd: fix return value check of mmc_add_host() (git-fixes).
- mmc: wmt-sdmmc: fix return value check of mmc_add_host() (git-fixes).
- module: change to print useful messages from elf_validity_check() (git-fixes).
- module: fix [e_shstrndx].sh_size=0 OOB access (git-fixes).
- mt76: stop the radar detector after leaving dfs channel (git-fixes).
- mtd: Fix device name leak when register device failed in add_mtd_device() (git-fixes).
- mtd: lpddr2_nvm: Fix possible null-ptr-deref (git-fixes).
- mtd: maps: pxa2xx-flash: fix memory leak in probe (git-fixes).
- mtd: spi-nor: Check for zero erase size in spi_nor_find_best_erase_type() (git-fixes).
- mtd: spi-nor: Fix the number of bytes for the dummy cycles (git-fixes).
- mtd: spi-nor: hide jedec_id sysfs attribute if not present (git-fixes).
- net: allow retransmitting a TCP packet if original is still in queue (bsc#1188605 bsc#1187428 bsc#1206619).
- net: mana: Fix race on per-CQ variable napi work_done (git-fixes).
- net: phy: xgmiitorgmii: Fix refcount leak in xgmiitorgmii_probe (git-fixes).
- net: usb: qmi_wwan: add u-blox 0x1342 composition (git-fixes).
- net: usb: smsc95xx: fix external PHY reset (git-fixes).
- net/mlx5: Fix mlx5_get_next_dev() peer device matching (bsc#1206536).
- net/mlx5: Lag, filter non compatible devices (bsc#1206536).
- netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find() (bsc#1204614).
- nfc: Fix potential resource leaks (git-fixes).
- nfc: pn533: Clear nfc_target before being used (git-fixes).
- nfc: pn533: Wait for out_urb's completion in pn533_usb_send_frame() (git-fixes).
- NFS: Handle missing attributes in OPEN reply (bsc#1203740).
- nilfs2: fix shift-out-of-bounds due to too large exponent of block size (git-fixes).
- nilfs2: fix shift-out-of-bounds/overflow in nilfs_sb2_bad_offset() (git-fixes).
- octeontx2-af: Add PTP PPS Errata workaround on CN10K silicon (jsc#SLE-24682).
- octeontx2-af: Allow mkex profile without DMAC and add L2M/L2B header extraction support (jsc#SLE-24682).
- octeontx2-af: Do not reset previous pfc config (jsc#SLE-24682).
- octeontx2-af: fix operand size in bitwise operation (jsc#SLE-24682).
- octeontx2-af: Initialize PTP_SEC_ROLLOVER register properly (jsc#SLE-24682).
- octeontx2-af: Limit link bringup time at firmware (jsc#SLE-24682).
- octeontx2-af: return correct ptp timestamp for CN10K silicon (jsc#SLE-24682).
- octeontx2-af: Set NIX link credits based on max LMAC (jsc#SLE-24682).
- octeontx2-af: Skip CGX/RPM probe incase of zero lmac count (jsc#SLE-24682).
- octeontx2-pf: Add egress PFC support (jsc#SLE-24682).
- octeontx2-pf: Add support for ptp 1-step mode on CN10K silicon (jsc#SLE-24682).
- octeontx2-pf: Fix lmtst ID used in aura free (jsc#SLE-24682).
- octeontx2-pf: Fix pfc_alloc_status array overflow (jsc#SLE-24682).
- octeontx2-pf: Fix SQE threshold checking (jsc#SLE-24682).
- octeontx2-pf: Fix unused variable build error (jsc#SLE-24682).
- octeontx2-pf: NIX TX overwrites SQ_CTX_HW_S[SQ_INT] (jsc#SLE-24682).
- octeontx2-pf: Reduce minimum mtu size to 60 (jsc#SLE-24682).
- octeontx2: Modify mbox request and response structures (jsc#SLE-24682).
- padata: Fix list iterator in padata_do_serial() (git-fixes).
- PCI: Check for alloc failure in pci_request_irq() (git-fixes).
- PCI: dwc: Fix n_fts[] array overrun (git-fixes).
- PCI: Fix pci_device_is_present() for VFs by checking PF (git-fixes).
- PCI: pci-epf-test: Register notifier if only core_init_notifier is enabled (git-fixes).
- PCI: vmd: Disable MSI remapping after suspend (git-fixes).
- PCI/sysfs: Fix double free in error path (git-fixes).
- phy: usb: s2 WoL wakeup_count not incremented for USB->Eth devices (git-fixes).
- pinctrl: k210: call of_node_put() (git-fixes).
- pinctrl: meditatek: Startup with the IRQs disabled (git-fixes).
- pinctrl: pinconf-generic: add missing of_node_put() (git-fixes).
- platform/chrome: cros_ec_typec: Cleanup switch handle return paths (git-fixes).
- platform/chrome: cros_usbpd_notify: Fix error handling in cros_usbpd_notify_init() (git-fixes).
- platform/mellanox: mlxbf-pmc: Fix event typo (git-fixes).
- platform/x86: huawei-wmi: fix return value calculation (git-fixes).
- platform/x86: intel_scu_ipc: fix possible name leak in __intel_scu_ipc_register() (git-fixes).
- platform/x86: mxm-wmi: fix memleak in mxm_wmi_call_mx[ds|mx]() (git-fixes).
- PM: hibernate: Fix mistake in kerneldoc comment (git-fixes).
- PM: runtime: Do not call __rpm_callback() from rpm_idle() (git-fixes).
- PNP: fix name memory leak in pnp_alloc_dev() (git-fixes).
- power: supply: ab8500: Fix error handling in ab8500_charger_init() (git-fixes).
- power: supply: fix null pointer dereferencing in power_supply_get_battery_info (git-fixes).
- power: supply: fix residue sysfs file in error handle route of __power_supply_register() (git-fixes).
- power: supply: z2_battery: Fix possible memleak in z2_batt_probe() (git-fixes).
- powerpc: export the CPU node count (bsc#1207016 ltc#201108).
- powerpc: Take in account addition CPU node when building kexec FDT (bsc#1207016 ltc#201108).
- powerpc/64: Init jump labels before parse_early_param() (bsc#1065729).
- powerpc/pci: Fix get_phb_number() locking (bsc#1065729).
- powerpc/perf: callchain validate kernel stack pointer bounds (bsc#1065729).
- powerpc/powernv: add missing of_node_put (bsc#1065729).
- powerpc/pseries: unregister VPA when hot unplugging a CPU (bsc#1205695 ltc#200603).
- powerpc/pseries/eeh: use correct API for error log size (bsc#1065729).
- powerpc/rtas: avoid device tree lookups in rtas_os_term() (bsc#1065729).
- powerpc/rtas: avoid scheduling in rtas_os_term() (bsc#1065729).
- powerpc/xive: add missing iounmap() in error path in xive_spapr_populate_irq_data() (git-fixes).
- powerpc/xive/spapr: correct bitmap allocation size (git-fixes).
- proc: fixup uptime selftest (git-fixes).
- pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP (git-fixes).
- pstore: Make sure CONFIG_PSTORE_PMSG selects CONFIG_RT_MUTEXES (git-fixes).
- pstore: Properly assign mem_type property (git-fixes).
- pstore: Switch pmsg_lock to an rt_mutex to avoid priority inversion (git-fixes).
- pstore/ram: Fix error return code in ramoops_probe() (git-fixes).
- pstore/zone: Use GFP_ATOMIC to allocate zone buffer (git-fixes).
- pwm: lpc18xx-sct: Fix a comment to match code (git-fixes).
- pwm: mediatek: always use bus clock for PWM on MT7622 (git-fixes).
- pwm: sifive: Call pwm_sifive_update_clock() while mutex is held (git-fixes).
- pwm: tegra: Improve required rate calculation (git-fixes).
- r6040: Fix kmemleak in probe and remove (git-fixes).
- random: allow partial reads if later user copies fail (bsc#1204911).
- random: check for signals every PAGE_SIZE chunk of /dev/random (bsc#1204911).
- random: convert to using fops->read_iter() (bsc#1204911).
- random: convert to using fops->write_iter() (bsc#1204911).
- random: remove outdated INT_MAX >> 6 check in urandom_read() (bsc#1204911).
- random: zero buffer after reading entropy from userspace (bsc#1204911).
- RDMA: Disable IB HW for UML (git-fixes)
- RDMA/core: Fix order of nldev_exit call (git-fixes)
- RDMA/core: Make sure 'ib_port' is valid when access sysfs node (git-fixes)
- RDMA/efa: Add EFA 0xefa2 PCI ID (git-fixes)
- RDMA/hfi: Decrease PCI device reference count in error path (git-fixes)
- RDMA/hfi1: Fix error return code in parse_platform_config() (git-fixes)
- RDMA/hns: Fix AH attr queried by query_qp (git-fixes)
- RDMA/hns: Fix error code of CMD (git-fixes)
- RDMA/hns: Fix ext_sge num error when post send (git-fixes)
- RDMA/hns: fix memory leak in hns_roce_alloc_mr() (git-fixes)
- RDMA/hns: Fix page size cap from firmware (git-fixes)
- RDMA/hns: Fix PBL page MTR find (git-fixes)
- RDMA/hns: Fix XRC caps on HIP08 (git-fixes)
- RDMA/hns: Repacing 'dseg_len' by macros in fill_ext_sge_inl_data() (git-fixes)
- RDMA/irdma: Do not request 2-level PBLEs for CQ alloc (git-fixes)
- RDMA/irdma: Initialize net_type before checking it (git-fixes)
- RDMA/irdma: Report the correct link speed (git-fixes)
- RDMA/nldev: Add checks for nla_nest_start() in fill_stat_counter_qps() (git-fixes)
- RDMA/nldev: Fix failure to send large messages (git-fixes)
- RDMA/nldev: Return '-EAGAIN' if the cm_id isn't from expected port (git-fixes)
- RDMA/restrack: Release MR restrack when delete (git-fixes)
- RDMA/rxe: Fix NULL-ptr-deref in rxe_qp_do_cleanup() when socket create failed (git-fixes)
- RDMA/siw: Fix immediate work request flush to completion queue (git-fixes)
- RDMA/siw: Fix pointer cast warning (git-fixes)
- RDMA/siw: Set defined status for work completion with undefined status (git-fixes)
- RDMA/srp: Fix error return code in srp_parse_options() (git-fixes)
- regulator: bd718x7: Drop unnecessary info print (git-fixes).
- regulator: core: fix deadlock on regulator enable (git-fixes).
- regulator: core: fix module refcount leak in set_supply() (git-fixes).
- regulator: core: fix resource leak in regulator_register() (git-fixes).
- regulator: core: fix unbalanced of node refcount in regulator_dev_lookup() (git-fixes).
- regulator: core: fix use_count leakage when handling boot-on (git-fixes).
- regulator: core: use kfree_const() to free space conditionally (git-fixes).
- regulator: qcom-labibb: Fix missing of_node_put() in qcom_labibb_regulator_probe() (git-fixes).
- regulator: qcom-rpmh: Fix PMR735a S3 regulator spec (git-fixes).
- regulator: slg51000: Wait after asserting CS pin (git-fixes).
- regulator: twl6030: fix get status of twl6032 regulators (git-fixes).
- remoteproc: core: Do pm_relax when in RPROC_OFFLINE state (git-fixes).
- remoteproc: qcom_q6v5_pas: detach power domains on remove (git-fixes).
- remoteproc: qcom_q6v5_pas: disable wakeup on probe fail or remove (git-fixes).
- remoteproc: qcom_q6v5_pas: Fix missing of_node_put() in adsp_alloc_memory_region() (git-fixes).
- remoteproc: qcom: q6v5: Fix missing clk_disable_unprepare() in q6v5_wcss_qcs404_power_on() (git-fixes).
- remoteproc: qcom: q6v5: Fix potential null-ptr-deref in q6v5_wcss_init_mmio() (git-fixes).
- remoteproc: sysmon: fix memory leak in qcom_add_sysmon_subdev() (git-fixes).
- restore m_can_lec_type (git-fixes).
- rtc: cmos: fix build on non-ACPI platforms (git-fixes).
- rtc: cmos: Fix event handler registration ordering issue (git-fixes).
- rtc: cmos: Fix wake alarm breakage (git-fixes).
- rtc: ds1347: fix value written to century register (git-fixes).
- rtc: mxc_v2: Add missing clk_disable_unprepare() (git-fixes).
- rtc: pcf85063: fix pcf85063_clkout_control (gut-fixes).
- rtc: pcf85063: Fix reading alarm (git-fixes).
- rtc: pic32: Move devm_rtc_allocate_device earlier in pic32_rtc_probe() (git-fixes).
- rtc: rtc-cmos: Do not check ACPI_FADT_LOW_POWER_S0 (git-fixes).
- rtc: snvs: Allow a time difference on clock register read (git-fixes).
- rtc: st-lpc: Add missing clk_disable_unprepare in st_rtc_probe() (git-fixes).
- rtmutex: Add acquire semantics for rtmutex lock acquisition slow path (bnc#1203829).
- s390/boot: add secure boot trailer (bsc#1205257 LTC#200451).
- sbitmap: fix lockup while swapping (bsc#1206602).
- sched/core: Fix comparison in sched_group_cookie_match() (git-fixes)
- sched/core: Fix the bug that task won't enqueue into core (git-fixes)
- sched/topology: Remove redundant variable and fix incorrect (git-fixes)
- sched/uclamp: Fix relationship between uclamp and migration (git-fixes)
- sched/uclamp: Make task_fits_capacity() use util_fits_cpu() (git-fixes)
- scsi: 3w-9xxx: Avoid disabling device if failing to enable it (git-fixes).
- scsi: advansys: Fix kernel pointer leak (git-fixes).
- scsi: aha152x: Fix aha152x_setup() __setup handler return value (git-fixes).
- scsi: bfa: Replace snprintf() with sysfs_emit() (git-fixes).
- scsi: core: Fix sbitmap depth in scsi_realloc_sdev_budget_map() (git-fixes).
- scsi: core: Fix scsi_mode_sense() buffer length handling (git-fixes).
- scsi: core: Reallocate device's budget map on queue depth change (git-fixes).
- scsi: core: Restrict legal sdev_state transitions via sysfs (git-fixes).
- scsi: hisi_sas: Free irq vectors in order for v3 HW (git-fixes).
- scsi: hisi_sas: Limit max hw sectors for v3 HW (git-fixes).
- scsi: hisi_sas: Use managed PCI functions (git-fixes).
- scsi: ipr: Fix missing/incorrect resource cleanup in error case (git-fixes).
- scsi: iscsi: Add recv workqueue helpers (git-fixes).
- scsi: iscsi: Fix harmless double shift bug (git-fixes).
- scsi: iscsi: Fix possible memory leak when device_register() failed (git-fixes).
- scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername() (git-fixes).
- scsi: iscsi: kabi: add iscsi_conn_queue_work back (git-fixes).
- scsi: iscsi: kabi: fix libiscsi new field (git-fixes).
- scsi: iscsi: Merge suspend fields (git-fixes).
- scsi: iscsi: Rename iscsi_conn_queue_work() (git-fixes).
- scsi: iscsi: Run recv path from workqueue (git-fixes).
- scsi: iscsi: Unblock session then wake up error handler (git-fixes).
- scsi: libfc: Fix use after free in fc_exch_abts_resp() (git-fixes).
- scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown() (git-fixes).
- scsi: lpfc: Correct bandwidth logging during receipt of congestion sync WCQE (jsc#PED-1445).
- scsi: lpfc: Fix crash involving race between FLOGI timeout and devloss handler (jsc#PED-1445).
- scsi: lpfc: Fix MI capability display in cmf_info sysfs attribute (jsc#PED-1445).
- scsi: lpfc: Fix WQ|CQ|EQ resource check (jsc#PED-1445).
- scsi: lpfc: Remove linux/msi.h include (jsc#PED-1445).
- scsi: lpfc: Remove redundant pointer 'lp' (jsc#PED-1445).
- scsi: lpfc: Update lpfc version to 14.2.0.9 (jsc#PED-1445).
- scsi: lpfc: Use memset_startat() helper (jsc#PED-1445).
- scsi: megaraid_sas: Fix double kfree() (git-fixes).
- scsi: megaraid_sas: Target with invalid LUN ID is deleted during scan (git-fixes).
- scsi: megaraid: Fix error check return value of register_chrdev() (git-fixes).
- scsi: mpi3mr: Fix memory leaks (git-fixes).
- scsi: mpi3mr: Fix reporting of actual data transfer size (git-fixes).
- scsi: mpi3mr: Fixes around reply request queues (git-fixes).
- scsi: mpt3sas: Do not change DMA mask while reallocating pools (bsc#1206912,bsc#1206098).
- scsi: mpt3sas: Fail reset operation if config request timed out (git-fixes).
- scsi: mpt3sas: Fix out-of-bounds compiler warning (git-fixes).
- scsi: mpt3sas: re-do lost mpt3sas DMA mask fix (bsc#1206912,bsc#1206098).
- scsi: mpt3sas: Remove usage of dma_get_required_mask() API (bsc#1206912,bsc#1206098).
- scsi: mvsas: Add PCI ID of RocketRaid 2640 (git-fixes).
- scsi: mvsas: Replace snprintf() with sysfs_emit() (git-fixes).
- scsi: myrb: Fix up null pointer access on myrb_cleanup() (git-fixes).
- scsi: myrs: Fix crash in error case (git-fixes).
- scsi: ncr53c8xx: Remove unused retrieve_from_waiting_list() function (git-fixes).
- scsi: pm8001: Fix bogus FW crash for maxcpus=1 (git-fixes).
- scsi: pm8001: Fix memory leak in pm8001_chip_fw_flash_update_req() (git-fixes).
- scsi: pm8001: Fix pm8001_mpi_task_abort_resp() (git-fixes).
- scsi: pm8001: Fix pm80xx_pci_mem_copy() interface (git-fixes).
- scsi: pm8001: Fix tag leaks on error (git-fixes).
- scsi: pm8001: Fix task leak in pm8001_send_abort_all() (git-fixes).
- scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task (git-fixes).
- scsi: pm8001: Fix use-after-free for aborted TMF sas_task (git-fixes).
- scsi: pm80xx: Fix double completion for SATA devices (git-fixes).
- scsi: pm80xx: Fix memory leak during rmmod (git-fixes).
- scsi: pmcraid: Fix missing resource cleanup in error case (git-fixes).
- scsi: qedf: Add stag_work to all the vports (git-fixes).
- scsi: qedf: Change context reset messages to ratelimited (git-fixes).
- scsi: qedf: Fix a UAF bug in __qedf_probe() (git-fixes).
- scsi: qedf: Fix refcount issue when LOGO is received during TMF (git-fixes).
- scsi: qla2xxx: Fix crash when I/O abort times out (jsc#PED-568).
- scsi: qla2xxx: Fix set-but-not-used variable warnings (jsc#PED-568).
- scsi: qla2xxx: Initialize vha->unknown_atio_[list, work] for NPIV hosts (jsc#PED-568).
- scsi: qla2xxx: Remove duplicate of vha->iocb_work initialization (jsc#PED-568).
- scsi: qla2xxx: Remove unused variable 'found_devs' (jsc#PED-568).
- scsi: scsi_debug: Fix out-of-bound read in resp_readcap16() (git-fixes).
- scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() (git-fixes).
- scsi: scsi_debug: Fix possible UAF in sdebug_add_host_helper() (git-fixes).
- scsi: scsi_debug: Make the READ CAPACITY response compliant with ZBC (git-fixes).
- scsi: scsi_dh_alua: Properly handle the ALUA transitioning state (git-fixes).
- scsi: smartpqi: Fix kdump issue when controller is locked up (git-fixes).
- scsi: sr: Do not use GFP_DMA (git-fixes).
- scsi: ufs: core: Fix ufshcd_probe_hba() prototype to match the definition (git-fixes).
- scsi: ufs: Fix a kernel crash during shutdown (git-fixes).
- scsi: ufs: Treat link loss as fatal error (git-fixes).
- scsi: ufs: ufshcd-pltfrm: Check the return value of devm_kstrdup() (git-fixes).
- scsi: ufs: Use generic error code in ufshcd_set_dev_pwr_mode() (git-fixes).
- scsi: ufs: Use pm_runtime_resume_and_get() instead of pm_runtime_get_sync() (git-fixes).
- scsi: vmw_pvscsi: Expand vcpuHint to 16 bits (git-fixes).
- sctp: sysctl: make extra pointers netns aware (bsc#1204760).
- selftests: devlink: fix the fd redirect in dummy_reporter_test (git-fixes).
- selftests: set the BUILD variable to absolute path (git-fixes).
- selftests: Use optional USERCFLAGS and USERLDFLAGS (git-fixes).
- selftests/efivarfs: Add checking of the test return value (git-fixes).
- selftests/ftrace: event_triggers: wait longer for test_event_enable (git-fixes).
- selftests/powerpc: Fix resource leaks (git-fixes).
- serial: 8250_bcm7271: Fix error handling in brcmuart_init() (git-fixes).
- serial: amba-pl011: avoid SBSA UART accessing DMACR register (git-fixes).
- serial: pch: Fix PCI device refcount leak in pch_request_dma() (git-fixes).
- serial: pl011: Do not clear RX FIFO & RX interrupt in unthrottle (git-fixes).
- serial: stm32: move dma_request_chan() before clk_prepare_enable() (git-fixes).
- serial: sunsab: Fix error handling in sunsab_init() (git-fixes).
- serial: tegra: Read DMA status before terminating (git-fixes).
- soc: mediatek: pm-domains: Fix the power glitch issue (git-fixes).
- soc: qcom: llcc: make irq truly optional (git-fixes).
- soc: qcom: Select REMAP_MMIO for LLCC driver (git-fixes).
- soc: ti: knav_qmss_queue: Fix PM disable depth imbalance in knav_queue_probe (git-fixes).
- soc: ti: knav_qmss_queue: Use pm_runtime_resume_and_get instead of pm_runtime_get_sync (git-fixes).
- soc: ti: smartreflex: Fix PM disable depth imbalance in omap_sr_probe (git-fixes).
- soundwire: dmi-quirks: add quirk variant for LAPBC710 NUC15 (git-fixes).
- spi: spi-gpio: Do not set MOSI as an input if not 3WIRE mode (git-fixes).
- spi: spidev: mask SPI_CS_HIGH in SPI_IOC_RD_MODE (git-fixes).
- spi: Update reference to struct spi_controller (git-fixes).
- staging: media: tegra-video: fix chan->mipi value on error (git-fixes).
- staging: media: tegra-video: fix device_node use after free (git-fixes).
- staging: rtl8192e: Fix potential use-after-free in rtllib_rx_Monitor() (git-fixes).
- staging: rtl8192u: Fix use after free in ieee80211_rx() (git-fixes).
- string.h: Introduce memset_startat() for wiping trailing members and padding (jsc#PED-1445).
- test_firmware: fix memory leak in test_firmware_init() (git-fixes).
- thermal: core: fix some possible name leaks in error paths (git-fixes).
- thermal: int340x: Add missing attribute for data rate base (git-fixes).
- thermal/drivers/imx8mm_thermal: Validate temperature range (git-fixes).
- thermal/drivers/qcom/temp-alarm: Fix inaccurate warning for gen2 (git-fixes).
- timers: implement usleep_idle_range() (git-fixes).
- tpm: acpi: Call acpi_put_table() to fix memory leak (git-fixes).
- tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak (git-fixes).
- tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak (git-fixes).
- tpm/tpm_crb: Fix error message in __crb_relinquish_locality() (git-fixes).
- tpm/tpm_ftpm_tee: Fix error handling in ftpm_mod_init() (git-fixes).
- tracing: Add tracing_reset_all_online_cpus_unlocked() function (git-fixes).
- tracing: Free buffers when a used dynamic event is removed (git-fixes).
- tracing/doc: Fix typos on the timerlat tracer documentation (git-fixes).
- tracing/osnoise: Fix duration type (git-fixes).
- tty: serial: altera_uart_{r,t}x_chars() need only uart_port (git-fixes).
- tty: serial: clean up stop-tx part in altera_uart_tx_chars() (git-fixes).
- uio: uio_dmem_genirq: Fix deadlock between irq config and handling (git-fixes).
- uio: uio_dmem_genirq: Fix missing unlock in irq configuration (git-fixes).
- units: Add SI metric prefix definitions (git-fixes).
- units: add the HZ macros (git-fixes).
- usb: cdnsp: fix lack of ZLP for ep0 (git-fixes).
- usb: dwc3: core: defer probe on ulpi_read_id timeout (git-fixes).
- usb: dwc3: fix PHY disable sequence (git-fixes).
- usb: dwc3: Fix race between dwc3_set_mode and __dwc3_set_mode (git-fixes).
- usb: dwc3: gadget: Disable GUSB2PHYCFG.SUSPHY for End Transfer (git-fixes).
- usb: dwc3: pci: Update PCIe device ID for USB3 controller on CPU sub-system for Raptor Lake (git-fixes).
- usb: dwc3: qcom: fix runtime PM wakeup (git-fixes).
- usb: gadget: uvc: Prevent buffer overflow in setup handler (git-fixes).
- usb: gadget: uvc: Rename bmInterfaceFlags -> bmInterlaceFlags (git-fixes).
- usb: rndis_host: Secure rndis_query check against int overflow (git-fixes).
- usb: roles: fix of node refcount leak in usb_role_switch_is_parent() (git-fixes).
- usb: serial: cp210x: add Kamstrup RF sniffer PIDs (git-fixes).
- usb: serial: f81232: fix division by zero on line-speed change (git-fixes).
- usb: serial: f81534: fix division by zero on line-speed change (git-fixes).
- usb: serial: option: add Quectel EM05-G modem (git-fixes).
- usb: storage: Add check for kcalloc (git-fixes).
- usb: typec: Check for ops->exit instead of ops->enter in altmode_exit (git-fixes).
- usb: typec: Factor out non-PD fwnode properties (git-fixes).
- usb: typec: tcpci: fix of node refcount leak in tcpci_register_port() (git-fixes).
- usb: typec: tipd: Cleanup resources if devm_tps6598_psy_register fails (git-fixes).
- usb: typec: tipd: Fix spurious fwnode_handle_put in error path (git-fixes).
- usb: ulpi: defer ulpi_register on ulpi_read_id timeout (git-fixes).
- usb: xhci-mtk: fix leakage of shared hcd when fail to set wakeup irq (git-fixes).
- vdpa_sim: fix possible memory leak in vdpasim_net_init() and vdpasim_blk_init() (git-fixes).
- vdpa_sim: fix vringh initialization in vdpasim_queue_ready() (git-fixes).
- vfio: platform: Do not pass return buffer to ACPI _RST method (git-fixes).
- vhost: fix range used in translate_desc() (git-fixes).
- vhost/vsock: Fix error handling in vhost_vsock_init() (git-fixes).
- vmxnet3: correctly report csum_level for encapsulated packet (git-fixes).
- vringh: fix range used in iotlb_translate() (git-fixes).
- vsock: Enable y2038 safe timeval for timeout (bsc#1206101).
- vsock: Refactor vsock_*_getsockopt to resemble sock_getsockopt (bsc#1206101).
- wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out (git-fixes).
- wifi: ath10k: Fix return value in ath10k_pci_init() (git-fixes).
- wifi: ath9k: hif_usb: fix memory leak of urbs in ath9k_hif_usb_dealloc_tx_urbs() (git-fixes).
- wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb() (git-fixes).
- wifi: ath9k: verify the expected usb_endpoints are present (git-fixes).
- wifi: brcmfmac: Fix error return code in brcmf_sdio_download_firmware() (git-fixes).
- wifi: brcmfmac: Fix potential shift-out-of-bounds in brcmf_fw_alloc_request() (git-fixes).
- wifi: cfg80211: Fix not unregister reg_pdev when load_builtin_regdb_keys() fails (git-fixes).
- wifi: iwlwifi: mvm: fix double free on tx path (git-fixes).
- wifi: mac80211: fix memory leak in ieee80211_if_add() (git-fixes).
- wifi: mt76: do not run mt76u_status_worker if the device is not running (git-fixes).
- wifi: mt76: fix coverity overrun-call in mt76_get_txpower() (git-fixes).
- wifi: rsi: Fix handling of 802.3 EAPOL frames sent via control port (git-fixes).
- wifi: rtl8xxxu: Add __packed to struct rtl8723bu_c2h (git-fixes).
- wifi: rtl8xxxu: Fix the channel width reporting (git-fixes).
- wifi: rtl8xxxu: gen2: Turn on the rate control (git-fixes).
- wifi: rtw89: fix physts IE page check (git-fixes).
- wifi: rtw89: Fix some error handling path in rtw89_core_sta_assoc() (git-fixes).
- wifi: rtw89: use u32_encode_bits() to fill MAC quota value (git-fixes).
- wifi: wilc1000: sdio: fix module autoloading (git-fixes).
- xfrm: Fix oops in __xfrm_state_delete() (bsc#1206794).
- xhci: Apply XHCI_RESET_TO_DEFAULT quirk to ADL-N (git-fixes).
Patchnames
SUSE-2023-146,SUSE-SLE-Module-Public-Cloud-15-SP4-2023-146,openSUSE-SLE-15.4-2023-146
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\nThe SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2022-3344: Fixed a flaw found in the KVM's AMD nested virtualization (SVM). A malicious L1 guest could purposely fail to intercept the shutdown of a cooperative nested guest (L2), possibly leading to a page fault and kernel panic in the host (L0). (bsc#1204652)\n- CVE-2022-4662: Fixed a recursive locking violation in usb-storage that can cause the kernel to deadlock. (bsc#1206664)\n- CVE-2022-3115: Fixed a null pointer dereference in malidp_crtc.c caused by a lack of checks of the return value of kzalloc. (bsc#1206393)\n- CVE-2022-47520: Fixed an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet. (bsc#1206515)\n- CVE-2022-3112: Fixed a null pointer dereference caused by a missing check of the return value of kzalloc() in vdec_helpers.c:amvdec_set_canvases. (bsc#1206399)\n- CVE-2022-3564: Fixed a bug which could lead to use after free, it was found in the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. (bsc#1206073)\n- CVE-2022-4379: Fixed a use-after-free vulnerability in nfs4file.c:__nfs42_ssc_open. (bsc#1206209)\n- CVE-2022-3108: Fixed a bug in kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c where a lack of check of the return value of kmemdup() could lead to a NULL pointer dereference. (bsc#1206389)\n- CVE-2022-3104: Fixed a null pointer dereference caused by caused by a missing check of the return value of kzalloc() in bugs.c:lkdtm_ARRAY_BOUNDS. (bsc#1206396)\n- CVE-2022-3113: Fixed a null pointer dereference caused by a missing check of the return value of devm_kzalloc. (bsc#1206390)\n- CVE-2022-3107: Fixed a null pointer dereference caused by a missing check of the return value of kvmalloc_array. (bsc#1206395)\n- CVE-2022-3114: Fixed a null pointer dereference caused by a missing check of the return value of kcalloc. (bsc#1206391)\n- CVE-2022-3111: Fixed a missing release of resource after effective lifetime bug caused by a missing free of the WM8350_IRQ_CHG_FAST_RDY in wm8350_init_charger. (bsc#1206394)\n- CVE-2022-3105: Fixed a null pointer dereference caused by a missing check of the return value of kmalloc_array. (bsc#1206398)\n- CVE-2022-3106: Fixed a null pointer dereference caused by a missing check of the return value of kmalloc. (bsc#1206397)\n\nThe following non-security bugs were fixed:\n\n- acct: fix potential integer overflow in encode_comp_t() (git-fixes).\n- ACPI: resource: Skip IRQ override on Asus Vivobook K3402ZA/K3502ZA (git-fixes).\n- ACPICA: Fix error code path in acpi_ds_call_control_method() (git-fixes).\n- ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage() (git-fixes).\n- ALSA: asihpi: fix missing pci_disable_device() (git-fixes).\n- ALSA: hda/hdmi: Add HP Device 0x8711 to force connect list (git-fixes).\n- ALSA: hda/realtek: Add quirk for Lenovo TianYi510Pro-14IOB (git-fixes).\n- ALSA: hda/realtek: Apply dual codec fixup for Dell Latitude laptops (git-fixes).\n- ALSA: line6: correct midi status byte when receiving data from podxt (git-fixes).\n- ALSA: line6: fix stack overflow in line6_midi_transmit (git-fixes).\n- ALSA: mts64: fix possible null-ptr-defer in snd_mts64_interrupt (git-fixes).\n- ALSA: patch_realtek: Fix Dell Inspiron Plus 16 (git-fixes).\n- ALSA: pcm: fix undefined behavior in bit shift for SNDRV_PCM_RATE_KNOT (git-fixes).\n- ALSA: pcm: Set missing stop_operating flag at undoing trigger start (git-fixes).\n- ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event (git-fixes).\n- ALSA: seq: fix undefined behavior in bit shift for SNDRV_SEQ_FILTER_USE_EVENT (git-fixes).\n- ALSA: usb-audio: add the quirk for KT0206 device (git-fixes).\n- amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table() (git-fixes).\n- apparmor: fix a memleak in multi_transaction_new() (git-fixes).\n- apparmor: Fix abi check to include v8 abi (git-fixes).\n- apparmor: fix lockdep warning when removing a namespace (git-fixes).\n- apparmor: Fix memleak in alloc_ns() (git-fixes).\n- apparmor: Use pointer to struct aa_label for lbs_cred (git-fixes).\n- ARM: 9251/1: perf: Fix stacktraces for tracepoint events in THUMB2 kernels (git-fixes).\n- ARM: 9256/1: NWFPE: avoid compiler-generated __aeabi_uldivmod (git-fixes).\n- ARM: dts: armada-370: Fix assigned-addresses for every PCIe Root Port (git-fixes).\n- ARM: dts: armada-375: Fix assigned-addresses for every PCIe Root Port (git-fixes).\n- ARM: dts: armada-38x: Fix assigned-addresses for every PCIe Root Port (git-fixes).\n- ARM: dts: armada-38x: Fix compatible string for gpios (git-fixes).\n- ARM: dts: armada-39x: Fix assigned-addresses for every PCIe Root Port (git-fixes).\n- ARM: dts: armada-39x: Fix compatible string for gpios (git-fixes).\n- ARM: dts: armada-xp: Fix assigned-addresses for every PCIe Root Port (git-fixes).\n- ARM: dts: dove: Fix assigned-addresses for every PCIe Root Port (git-fixes).\n- ARM: dts: nuvoton: Remove bogus unit addresses from fixed-partition nodes (git-fixes).\n- ARM: dts: qcom: apq8064: fix coresight compatible (git-fixes).\n- ARM: dts: rockchip: disable arm_global_timer on rk3066 and rk3188 (git-fixes).\n- ARM: dts: rockchip: fix ir-receiver node names (git-fixes).\n- ARM: dts: rockchip: fix node name for hym8563 rtc (git-fixes).\n- ARM: dts: rockchip: remove clock-frequency from rtc (git-fixes).\n- ARM: dts: rockchip: rk3188: fix lcdc1-rgb24 node name (git-fixes).\n- ARM: dts: spear600: Fix clcd interrupt (git-fixes).\n- ARM: dts: stm32: Drop stm32mp15xc.dtsi from Avenger96 (git-fixes).\n- ARM: dts: stm32: Fix AV96 WLAN regulator gpio property (git-fixes).\n- ARM: dts: turris-omnia: Add ethernet aliases (git-fixes).\n- ARM: dts: turris-omnia: Add switch port 6 node (git-fixes).\n- ARM: mmp: fix timer_read delay (git-fixes).\n- ARM: ux500: do not directly dereference __iomem (git-fixes).\n- arm64: Avoid repeated AA64MMFR1_EL1 register read on pagefault path (performance bsc#1203219).\n- arm64: dts: armada-3720-turris-mox: Add missing interrupt for RTC (git-fixes).\n- arm64: dts: mediatek: mt6797: Fix 26M oscillator unit name (git-fixes).\n- arm64: dts: mediatek: pumpkin-common: Fix devicetree warnings (git-fixes).\n- arm64: dts: mt2712-evb: Fix usb vbus regulators unit names (git-fixes).\n- arm64: dts: mt2712-evb: Fix vproc fixed regulators unit names (git-fixes).\n- arm64: dts: mt2712e: Fix unit address for pinctrl node (git-fixes).\n- arm64: dts: mt2712e: Fix unit_address_vs_reg warning for oscillators (git-fixes).\n- arm64: dts: mt6779: Fix devicetree build warnings (git-fixes).\n- arm64: dts: mt7622: drop r_smpl property from mmc node (git-fixes).\n- arm64: dts: mt8183: drop drv-type from mmc-node (git-fixes).\n- arm64: dts: mt8183: Fix Mali GPU clock (git-fixes).\n- arm64: dts: qcom: ipq6018-cp01-c1: use BLSPI1 pins (git-fixes).\n- arm64: dts: qcom: msm8916: Drop MSS fallback compatible (git-fixes).\n- arm64: dts: qcom: msm8996: Add MSM8996 Pro support (git-fixes).\n- arm64: dts: qcom: msm8996: fix GPU OPP table (git-fixes).\n- arm64: dts: qcom: msm8996: fix supported-hw in cpufreq OPP tables (git-fixes).\n- arm64: dts: qcom: sdm630: fix UART1 pin bias (git-fixes).\n- arm64: dts: qcom: sdm845-cheza: fix AP suspend pin bias (git-fixes).\n- arm64: dts: qcom: sdm845-db845c: correct SPI2 pins drive strength (git-fixes).\n- arm64: dts: qcom: sdm850-lenovo-yoga-c630: correct I2C12 pins drive strength (git-fixes).\n- arm64: dts: qcom: sm8250-sony-xperia-edo: fix touchscreen bias-disable (git-fixes).\n- arm64: dts: qcom: sm8250: correct LPASS pin pull down (git-fixes).\n- arm64: dts: qcom: sm8250: drop bogus DP PHY clock (git-fixes).\n- arm64: dts: qcom: sm8250: fix USB-DP PHY registers (git-fixes).\n- arm64: dts: rockchip: fix ir-receiver node names (git-fixes).\n- arm64: dts: rockchip: keep I2S1 disabled for GPIO function on ROCK Pi 4 series (git-fixes).\n- arm64: dts: ti: k3-am65-main: Drop dma-coherent in crypto node (git-fixes).\n- arm64: dts: ti: k3-j721e-main: Drop dma-coherent in crypto node (git-fixes).\n- ASoC: audio-graph-card: fix refcount leak of cpu_ep in __graph_for_each_link() (git-fixes).\n- ASoC: codecs: rt298: Add quirk for KBL-R RVP platform (git-fixes).\n- ASoC: cs42l51: Correct PGA Volume minimum value (git-fixes).\n- ASoC: dt-bindings: wcd9335: fix reset line polarity in example (git-fixes).\n- ASoC: fsl_micfil: explicitly clear CHnF flags (git-fixes).\n- ASoC: fsl_micfil: explicitly clear software reset bit (git-fixes).\n- ASoC: Intel: bytcr_rt5640: Add quirk for the Advantech MICA-071 tablet (git-fixes).\n- ASoC: jz4740-i2s: Handle independent FIFO flush bits (git-fixes).\n- ASoC: mediatek: mt8173-rt5650-rt5514: fix refcount leak in mt8173_rt5650_rt5514_dev_probe() (git-fixes).\n- ASoC: mediatek: mt8173: Enable IRQ when pdata is ready (git-fixes).\n- ASoC: mediatek: mt8183: fix refcount leak in mt8183_mt6358_ts3a227_max98357_dev_probe() (git-fixes).\n- ASoC: mediatek: mtk-btcvsd: Add checks for write and read of mtk_btcvsd_snd (git-fixes).\n- ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx() (git-fixes).\n- ASoC: ops: Correct bounds check for second channel on SX controls (git-fixes).\n- ASoC: pcm512x: Fix PM disable depth imbalance in pcm512x_probe (git-fixes).\n- ASoC: pxa: fix null-pointer dereference in filter() (git-fixes).\n- ASoC: qcom: Add checks for devm_kcalloc (git-fixes).\n- ASoC: rockchip: pdm: Add missing clk_disable_unprepare() in rockchip_pdm_runtime_resume() (git-fixes).\n- ASoC: rockchip: spdif: Add missing clk_disable_unprepare() in rk_spdif_runtime_resume() (git-fixes).\n- ASoC: rt5670: Remove unbalanced pm_runtime_put() (git-fixes).\n- ASoC: rt711-sdca: fix the latency time of clock stop prepare state machine transitions (git-fixes).\n- ASoC: soc-pcm: Add NULL check in BE reparenting (git-fixes).\n- ASoC: wm8962: Wait for updated value of WM8962_CLOCKING1 register (git-fixes).\n- ASoC: wm8994: Fix potential deadlock (git-fixes).\n- ata: ahci: Fix PCS quirk application for suspend (git-fixes).\n- binfmt_elf: fix documented return value for load_elf_phdrs() (git-fixes).\n- binfmt_misc: fix shift-out-of-bounds in check_special_flags (git-fixes).\n- binfmt: Fix error return code in load_elf_fdpic_binary() (git-fixes).\n- block: Do not reread partition table on exclusively open device (bsc#1190969).\n- Bluetooth: btintel: Fix missing free skb in btintel_setup_combined() (git-fixes).\n- Bluetooth: btusb: Add debug message for CSR controllers (git-fixes).\n- Bluetooth: btusb: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).\n- Bluetooth: hci_bcsp: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).\n- Bluetooth: hci_core: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).\n- Bluetooth: hci_h5: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).\n- Bluetooth: hci_ll: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).\n- Bluetooth: hci_qca: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).\n- Bluetooth: MGMT: Fix error report for ADD_EXT_ADV_PARAMS (git-fixes).\n- Bluetooth: RFCOMM: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).\n- brcmfmac: return error when getting invalid max_flowrings from dongle (git-fixes).\n- caif: fix memory leak in cfctrl_linkup_request() (git-fixes).\n- can: do not increase rx statistics when generating a CAN rx error message frame (git-fixes).\n- can: do not increase rx_bytes statistics for RTR frames (git-fixes).\n- can: kvaser_usb_leaf: Fix bogus restart events (git-fixes).\n- can: kvaser_usb_leaf: Fix wrong CAN state after stopping (git-fixes).\n- can: kvaser_usb_leaf: Set Warning state even without bus errors (git-fixes).\n- can: kvaser_usb: do not increase tx statistics when sending error message frames (git-fixes).\n- can: kvaser_usb: kvaser_usb_leaf: fix bittiming limits (git-fixes).\n- can: kvaser_usb: make use of units.h in assignment of frequency (git-fixes).\n- can: m_can: fix typo prescalar -> prescaler (git-fixes).\n- can: m_can: is_lec_err(): clean up LEC error handling (git-fixes).\n- can: mcba_usb: Fix termination command argument (git-fixes).\n- can: sja1000: fix size of OCR_MODE_MASK define (git-fixes).\n- can: tcan4x5x: Remove invalid write in clear_interrupts (git-fixes).\n- chardev: fix error handling in cdev_device_add() (git-fixes).\n- cifs: Add 'extbuf' and 'extbuflen' args to smb2_compound_op() (bsc#1193629).\n- cifs: do not block in dfs_cache_noreq_update_tgthint() (bsc#1193629).\n- cifs: do not leak -ENOMEM in smb2_open_file() (bsc#1193629).\n- cifs: do not refresh cached referrals from unactive mounts (bsc#1193629).\n- cifs: fix confusing debug message (bsc#1193629).\n- cifs: Fix kmap_local_page() unmapping (git-fixes).\n- cifs: fix missing display of three mount options (bsc#1193629).\n- cifs: fix oops during encryption (bsc#1199294).\n- cifs: fix refresh of cached referrals (bsc#1193629).\n- cifs: fix source pathname comparison of dfs supers (bsc#1193629).\n- cifs: fix various whitespace errors in headers (bsc#1193629).\n- cifs: get rid of mount options string parsing (bsc#1193629).\n- cifs: minor cleanup of some headers (bsc#1193629).\n- cifs: optimize reconnect of nested links (bsc#1193629).\n- cifs: Parse owner/group for stat in smb311 posix extensions (bsc#1193629).\n- cifs: print warning when conflicting soft vs. hard mount options specified (bsc#1193629).\n- cifs: reduce roundtrips on create/qinfo requests (bsc#1193629).\n- cifs: refresh root referrals (bsc#1193629).\n- cifs: Remove duplicated include in cifsglob.h (bsc#1193629).\n- cifs: remove unused smb3_fs_context::mount_options (bsc#1193629).\n- cifs: set correct ipc status after initial tree connect (bsc#1193629).\n- cifs: set correct status of tcon ipc when reconnecting (bsc#1193629).\n- cifs: set correct tcon status after initial tree connect (bsc#1193629).\n- cifs: set resolved ip in sockaddr (bsc#1193629).\n- cifs: share dfs connections and supers (bsc#1193629).\n- cifs: skip alloc when request has no pages (bsc#1193629).\n- cifs: split out ses and tcon retrieval from mount_get_conns() (bsc#1193629).\n- cifs: update internal module number (bsc#1193629).\n- cifs: use fs_context for automounts (bsc#1193629).\n- cifs: use origin fullpath for automounts (bsc#1193629).\n- class: fix possible memory leak in __class_register() (git-fixes).\n- clk: Fix pointer casting to prevent oops in devm_clk_release() (git-fixes).\n- clk: generalize devm_clk_get() a bit (git-fixes).\n- clk: imx: imx8mp: add shared clk gate for usb suspend clk (git-fixes).\n- clk: imx: replace osc_hdmi with dummy (git-fixes).\n- clk: nomadik: correct struct name kernel-doc warning (git-fixes).\n- clk: Provide new devm_clk helpers for prepared and enabled clocks (git-fixes).\n- clk: qcom: clk-krait: fix wrong div2 functions (git-fixes).\n- clk: qcom: gcc-sm8250: Use retention mode for USB GDSCs (git-fixes).\n- clk: qcom: lpass-sc7180: Fix pm_runtime usage (git-fixes).\n- clk: renesas: r9a06g032: Repair grave increment error (git-fixes).\n- clk: rockchip: Fix memory leak in rockchip_clk_register_pll() (git-fixes).\n- clk: samsung: Fix memory leak in _samsung_clk_register_pll() (git-fixes).\n- clk: socfpga: Fix memory leak in socfpga_gate_init() (git-fixes).\n- clk: st: Fix memory leak in st_of_quadfs_setup() (git-fixes).\n- clk: sunxi-ng: v3s: Correct the header guard of ccu-sun8i-v3s.h (git-fixes).\n- clocksource/drivers/sh_cmt: Access registers according to spec (git-fixes).\n- clocksource/drivers/timer-ti-dm: Fix missing clk_disable_unprepare in dmtimer_systimer_init_clock() (git-fixes).\n- cpufreq: ACPI: Defer setting boost MSRs (bsc#1205485).\n- cpufreq: ACPI: Only set boost MSRs on supported CPUs (bsc#1205485).\n- cpufreq: ACPI: Remove unused variables 'acpi_cpufreq_online' and 'ret' (bsc#1205485).\n- cpufreq: intel_pstate: Add Sapphire Rapids support in no-HWP mode (bsc#1201068).\n- crypto: ccree - Make cc_debugfs_global_fini() available for module init function (git-fixes).\n- crypto: ccree - Remove debugfs when platform_driver_register failed (git-fixes).\n- crypto: cryptd - Use request context instead of stack for sub-request (git-fixes).\n- crypto: hisilicon/qm - fix missing destroy qp_idr (git-fixes).\n- crypto: img-hash - Fix variable dereferenced before check 'hdev->req' (git-fixes).\n- crypto: n2 - add missing hash statesize (git-fixes).\n- crypto: nitrox - avoid double free on error path in nitrox_sriov_init() (git-fixes).\n- crypto: omap-sham - Use pm_runtime_resume_and_get() in omap_sham_probe() (git-fixes).\n- crypto: rockchip - add fallback for ahash (git-fixes).\n- crypto: rockchip - add fallback for cipher (git-fixes).\n- crypto: rockchip - better handle cipher key (git-fixes).\n- crypto: rockchip - do not do custom power management (git-fixes).\n- crypto: rockchip - do not store mode globally (git-fixes).\n- crypto: rockchip - remove non-aligned handling (git-fixes).\n- crypto: rockchip - rework by using crypto_engine (git-fixes).\n- crypto: sun8i-ss - use dma_addr instead u32 (git-fixes).\n- crypto: tcrypt - Fix multibuffer skcipher speed test mem leak (git-fixes).\n- device property: Fix documentation for fwnode_get_next_parent() (git-fixes).\n- dmaengine: idxd: Fix crc_val field for completion record (git-fixes).\n- docs/zh_CN: Fix '.. only::' directive's expression (git-fixes).\n- Documentation: bonding: update miimon default to 100 (git-fixes).\n- Documentation: devres: add missing devm_acpi_dma_controller_free() helper (git-fixes).\n- Documentation: devres: add missing MEM helper (git-fixes).\n- Documentation: devres: add missing PHY helpers (git-fixes).\n- Documentation: devres: add missing PWM helper (git-fixes).\n- Documentation/features-refresh.sh: Only sed the beginning 'arch' of ARCH_DIR (git-fixes).\n- drbd: destroy workqueue when drbd device was freed (git-fixes).\n- drbd: remove call to memset before free device/resource/connection (git-fixes).\n- drbd: remove usage of list iterator variable after loop (git-fixes).\n- drbd: set QUEUE_FLAG_STABLE_WRITES (git-fixes).\n- drbd: use after free in drbd_create_device() (git-fixes).\n- driver core: Fix bus_type.match() error handling in __driver_attach() (git-fixes).\n- drivers: dio: fix possible memory leak in dio_init() (git-fixes).\n- drivers: soc: ti: knav_qmss_queue: Mark knav_acc_firmwares as static (git-fixes).\n- drm: bridge: dw_hdmi: fix preference of RGB modes over YUV420 (git-fixes).\n- drm/amd/display: fix array index out of bound error in bios parser (git-fixes).\n- drm/amd/display: Manually adjust strobe for DCN303 (git-fixes).\n- drm/amd/display: prevent memory leak (git-fixes).\n- drm/amd/display: Use the largest vready_offset in pipe group (git-fixes).\n- drm/amd/pm/smu11: BACO is supported when it's in BACO state (git-fixes).\n- drm/amdgpu: fix pci device refcount leak (git-fixes).\n- drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios() (git-fixes).\n- drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback (git-fixes).\n- drm/amdgpu: Fix type of second parameter in trans_msg() callback (git-fixes).\n- drm/amdgpu: handle polaris10/11 overlap asics (v2) (git-fixes).\n- drm/amdgpu: make display pinning more flexible (v2) (git-fixes).\n- drm/amdgpu/powerplay/psm: Fix memory leak in power state init (git-fixes).\n- drm/amdgpu/sdma_v4_0: turn off SDMA ring buffer in the s2idle suspend (git-fixes).\n- drm/amdkfd: Fix memory leakage (git-fixes).\n- drm/bridge: adv7533: remove dynamic lane switching from adv7533 bridge (git-fixes).\n- drm/bridge: anx7625: Fix edid_read break case in sp_tx_edid_read() (git-fixes).\n- drm/bridge: ti-sn65dsi86: Fix output polarity setting bug (git-fixes).\n- drm/connector: send hotplug uevent on connector cleanup (git-fixes).\n- drm/edid: Fix minimum bpc supported with DSC1.2 for HDMI sink (git-fixes).\n- drm/etnaviv: add missing quirks for GC300 (git-fixes).\n- drm/etnaviv: do not truncate physical page address (git-fixes).\n- drm/fourcc: Add packed 10bit YUV 4:2:0 format (git-fixes).\n- drm/fourcc: Fix vsub/hsub for Q410 and Q401 (git-fixes).\n- drm/fsl-dcu: Fix return type of fsl_dcu_drm_connector_mode_valid() (git-fixes).\n- drm/i915: Fix documentation for intel_uncore_forcewake_put__locked (git-fixes).\n- drm/i915: remove circ_buf.h includes (git-fixes).\n- drm/i915: unpin on error in intel_vgpu_shadow_mm_pin() (git-fixes).\n- drm/i915/display: Do not disable DDI/Transcoder when setting phy test pattern (git-fixes).\n- drm/i915/dsi: fix VBT send packet port selection for dual link DSI (git-fixes).\n- drm/i915/gvt: fix gvt debugfs destroy (git-fixes).\n- drm/i915/gvt: fix vgpu debugfs clean in remove (git-fixes).\n- drm/i915/migrate: do not check the scratch page (git-fixes).\n- drm/i915/migrate: fix length calculation (git-fixes).\n- drm/i915/migrate: fix offset calculation (git-fixes).\n- drm/i915/ttm: never purge busy objects (git-fixes).\n- drm/imx: ipuv3-plane: Fix overlay plane width (git-fixes).\n- drm/ingenic: Fix missing platform_driver_unregister() call in ingenic_drm_init() (git-fixes).\n- drm/mediatek: Fix return type of mtk_hdmi_bridge_mode_valid() (git-fixes).\n- drm/mediatek: Modify dpi power on/off sequence (git-fixes).\n- drm/meson: Reduce the FIFO lines held when AFBC is not used (git-fixes).\n- drm/msm: Use drm_mode_copy() (git-fixes).\n- drm/panel/panel-sitronix-st7701: Remove panel on DSI attach failure (git-fixes).\n- drm/panfrost: Fix GEM handle creation ref-counting (git-fixes).\n- drm/radeon: Add the missed acpi_put_table() to fix memory leak (git-fixes).\n- drm/radeon: Fix PCI device refcount leak in radeon_atrm_get_bios() (git-fixes).\n- drm/rockchip: lvds: fix PM usage counter unbalance in poweron (git-fixes).\n- drm/rockchip: Use drm_mode_copy() (git-fixes).\n- drm/shmem-helper: Avoid vm_open error paths (git-fixes).\n- drm/shmem-helper: Remove errant put in error path (git-fixes).\n- drm/sti: Fix return type of sti_{dvo,hda,hdmi}_connector_mode_valid() (git-fixes).\n- drm/sti: Use drm_mode_copy() (git-fixes).\n- drm/tegra: Add missing clk_disable_unprepare() in tegra_dc_probe() (git-fixes).\n- drm/vmwgfx: Do not use screen objects when SEV is active (git-fixes).\n- drm/vmwgfx: Fix a sparse warning in kernel docs (git-fixes).\n- drm/vmwgfx: Validate the box size for the snooped cursor (git-fixes).\n- Drop FIPS mode DRBG->getrandom(2) wire-up (bsc#1191259)\n- dt-bindings: clock: qcom,aoncc-sm8250: fix compatible (git-fixes).\n- dt-bindings: clocks: imx8mp: Add ID for usb suspend clock (git-fixes).\n- dt-bindings: display: sun6i-dsi: Fix clock conditional (git-fixes).\n- dt-bindings: gpio: gpio-davinci: Increase maxItems in gpio-line-names (git-fixes).\n- dt-bindings: net: sun8i-emac: Add phy-supply property (git-fixes).\n- EDAC/mc_sysfs: Increase legacy channel support to 12 (bsc#1205263).\n- efi: Add iMac Pro 2017 to uefi skip cert quirk (git-fixes).\n- ext4: avoid BUG_ON when creating xattrs (bsc#1205496).\n- extcon: usbc-tusb320: Add support for mode setting and reset (git-fixes).\n- extcon: usbc-tusb320: Add support for TUSB320L (git-fixes).\n- extcon: usbc-tusb320: Factor out extcon into dedicated functions (git-fixes).\n- fbcon: Use kzalloc() in fbcon_prepare_logo() (git-fixes).\n- fbdev: fbcon: release buffer when fbcon_do_set_font() failed (git-fixes).\n- fbdev: geode: do not build on UML (git-fixes).\n- fbdev: matroxfb: G200eW: Increase max memory from 1 MB to 16 MB (git-fixes).\n- fbdev: pm2fb: fix missing pci_disable_device() (git-fixes).\n- fbdev: ssd1307fb: Drop optional dependency (git-fixes).\n- fbdev: uvesafb: do not build on UML (git-fixes).\n- fbdev: uvesafb: Fixes an error handling path in uvesafb_probe() (git-fixes).\n- fbdev: vermilion: decrease reference count in error path (git-fixes).\n- fbdev: via: Fix error in via_core_init() (git-fixes).\n- firmware: raspberrypi: fix possible memory leak in rpi_firmware_probe() (git-fixes).\n- floppy: Fix memory leak in do_floppy_init() (git-fixes).\n- gpio: sifive: Fix refcount leak in sifive_gpio_probe (git-fixes).\n- gpiolib: cdev: fix NULL-pointer dereferences (git-fixes).\n- gpiolib: check the 'ngpios' property in core gpiolib code (git-fixes).\n- gpiolib: fix memory leak in gpiochip_setup_dev() (git-fixes).\n- gpiolib: Get rid of redundant 'else' (git-fixes).\n- gpiolib: improve coding style for local variables (git-fixes).\n- gpiolib: make struct comments into real kernel docs (git-fixes).\n- hamradio: baycom_epp: Fix return type of baycom_send_packet() (git-fixes).\n- hamradio: do not call dev_kfree_skb() under spin_lock_irqsave() (git-fixes).\n- HID: hid-sensor-custom: set fixed size for custom attributes (git-fixes).\n- HID: ite: Enable QUIRK_TOUCHPAD_ON_OFF_REPORT on Acer Aspire Switch V 10 (git-fixes).\n- HID: mcp2221: do not connect hidraw (git-fixes).\n- HID: multitouch: fix Asus ExpertBook P2 P2451FA trackpoint (git-fixes).\n- HID: plantronics: Additional PIDs for double volume key presses quirk (git-fixes).\n- HID: uclogic: Add HID_QUIRK_HIDINPUT_FORCE quirk (git-fixes).\n- HID: usbhid: Add ALWAYS_POLL quirk for some mice (git-fixes).\n- HID: wacom: Ensure bootloader PID is usable in hidraw mode (git-fixes).\n- HSI: omap_ssi_core: Fix error handling in ssi_init() (git-fixes).\n- HSI: omap_ssi_core: fix possible memory leak in ssi_probe() (git-fixes).\n- HSI: omap_ssi_core: fix unbalanced pm_runtime_disable() (git-fixes).\n- hwmon: (jc42) Convert register access and caching to regmap/regcache (git-fixes).\n- hwmon: (jc42) Fix missing unlock on error in jc42_write() (git-fixes).\n- hwmon: (jc42) Restore the min/max/critical temperatures on resume (git-fixes).\n- hwrng: amd - Fix PCI device refcount leak (git-fixes).\n- i2c: ismt: Fix an out-of-bounds bug in ismt_access() (git-fixes).\n- i2c: mux: reg: check return value after calling platform_get_resource() (git-fixes).\n- i2c: pxa-pci: fix missing pci_disable_device() on error in ce4100_i2c_probe (git-fixes).\n- IB/IPoIB: Fix queue count inconsistency for PKEY child interfaces (git-fixes)\n- ibmveth: Always stop tx queues during close (bsc#1065729).\n- iio: adc: ad_sigma_delta: do not use internal iio_dev lock (git-fixes).\n- iio: adc128s052: add proper .data members in adc128_of_match table (git-fixes).\n- iio: fix memory leak in iio_device_register_eventset() (git-fixes).\n- iio: temperature: ltc2983: make bulk write buffer DMA-safe (git-fixes).\n- ima: Fix a potential NULL pointer access in ima_restore_measurement_list (git-fixes).\n- Input: elants_i2c - properly handle the reset GPIO when power is off (git-fixes).\n- Input: joystick - fix Kconfig warning for JOYSTICK_ADC (git-fixes).\n- Input: wistron_btns - disable on UML (git-fixes).\n- integrity: Fix memory leakage in keyring allocation error path (git-fixes).\n- ipmi: fix long wait in unload when IPMI disconnect (git-fixes).\n- ipmi: fix memleak when unload ipmi driver (git-fixes).\n- ipmi: fix use after free in _ipmi_destroy_user() (git-fixes).\n- ipmi: kcs: Poll OBF briefly to reduce OBE latency (git-fixes).\n- ipu3-imgu: Fix NULL pointer dereference in imgu_subdev_set_selection() (git-fixes).\n- kABI: reintroduce a non-inline usleep_range (git-fixes).\n- lib/debugobjects: fix stat count and optimize debug_objects_mem_init (git-fixes).\n- lib/fonts: fix undefined behavior in bit shift for get_default_font (git-fixes).\n- mailbox: arm_mhuv2: Fix return value check in mhuv2_probe() (git-fixes).\n- mailbox: mpfs: read the system controller's status (git-fixes).\n- mailbox: zynq-ipi: fix error handling while device_register() fails (git-fixes).\n- media: adv748x: afe: Select input port when initializing AFE (git-fixes).\n- media: camss: Clean up received buffers on failed start of streaming (git-fixes).\n- media: dvb-core: Fix double free in dvb_register_device() (git-fixes).\n- media: dvb-core: Fix ignored return value in dvb_register_frontend() (git-fixes).\n- media: dvb-frontends: fix leak of memory fw (git-fixes).\n- media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() (git-fixes).\n- media: dvb-usb: fix memory leak in dvb_usb_adapter_init() (git-fixes).\n- media: i2c: ad5820: Fix error path (git-fixes).\n- media: imon: fix a race condition in send_packet() (git-fixes).\n- media: saa7164: fix missing pci_disable_device() (git-fixes).\n- media: si470x: Fix use-after-free in si470x_int_in_callback() (git-fixes).\n- media: solo6x10: fix possible memory leak in solo_sysfs_init() (git-fixes).\n- media: stv0288: use explicitly signed char (git-fixes).\n- media: v4l2-ctrls: Fix off-by-one error in integer menu control check (git-fixes).\n- media: v4l2-dv-timings.c: fix too strict blanking sanity checks (git-fixes).\n- media: videobuf-dma-contig: use dma_mmap_coherent (git-fixes).\n- media: vidtv: Fix use-after-free in vidtv_bridge_dvb_init() (git-fixes).\n- media: vimc: Fix wrong function called when vimc_init() fails (git-fixes).\n- media: vivid: fix compose size exceed boundary (git-fixes).\n- memcg, kmem: further deprecate kmem.limit_in_bytes (bsc#1206896).\n- memcg: Fix possible use-after-free in memcg_write_event_control() (bsc#1206344).\n- mfd: bd957x: Fix Kconfig dependency on REGMAP_IRQ (git-fixes).\n- mfd: mt6360: Add bounds checking in Regmap read/write call-backs (git-fixes).\n- mfd: pm8008: Fix return value check in pm8008_probe() (git-fixes).\n- mfd: pm8008: Remove driver data structure pm8008_data (git-fixes).\n- mfd: qcom_rpm: Fix an error handling path in qcom_rpm_probe() (git-fixes).\n- mfd: qcom_rpm: Use devm_of_platform_populate() to simplify code (git-fixes).\n- misc: ocxl: fix possible name leak in ocxl_file_register_afu() (git-fixes).\n- misc: tifm: fix possible memory leak in tifm_7xx1_switch_media() (git-fixes).\n- mISDN: hfcmulti: do not call dev_kfree_skb/kfree_skb() under spin_lock_irqsave() (git-fixes).\n- mISDN: hfcpci: do not call dev_kfree_skb/kfree_skb() under spin_lock_irqsave() (git-fixes).\n- mISDN: hfcsusb: do not call dev_kfree_skb/kfree_skb() under spin_lock_irqsave() (git-fixes).\n- mm: fix race between MADV_FREE reclaim and blkdev direct IO read (bsc#1204989,bsc#1205601).\n- mm/mempolicy: fix memory leak in set_mempolicy_home_node system call (bsc#1206468).\n- mmc: alcor: fix return value check of mmc_add_host() (git-fixes).\n- mmc: atmel-mci: fix return value check of mmc_add_host() (git-fixes).\n- mmc: core: Normalize the error handling branch in sd_read_ext_regs() (git-fixes).\n- mmc: f-sdh30: Add quirks for broken timeout clock capability (git-fixes).\n- mmc: meson-gx: fix return value check of mmc_add_host() (git-fixes).\n- mmc: mmci: fix return value check of mmc_add_host() (git-fixes).\n- mmc: moxart: fix return value check of mmc_add_host() (git-fixes).\n- mmc: mtk-sd: Fix missing clk_disable_unprepare in msdc_of_clock_parse() (git-fixes).\n- mmc: mxcmmc: fix return value check of mmc_add_host() (git-fixes).\n- mmc: omap_hsmmc: fix return value check of mmc_add_host() (git-fixes).\n- mmc: pxamci: fix return value check of mmc_add_host() (git-fixes).\n- mmc: renesas_sdhi: alway populate SCC pointer (git-fixes).\n- mmc: renesas_sdhi: better reset from HS400 mode (git-fixes).\n- mmc: rtsx_pci: fix return value check of mmc_add_host() (git-fixes).\n- mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host() (git-fixes).\n- mmc: sdhci-sprd: Disable CLK_AUTO when the clock is less than 400K (git-fixes).\n- mmc: toshsd: fix return value check of mmc_add_host() (git-fixes).\n- mmc: via-sdmmc: fix return value check of mmc_add_host() (git-fixes).\n- mmc: vub300: fix return value check of mmc_add_host() (git-fixes).\n- mmc: vub300: fix warning - do not call blocking ops when !TASK_RUNNING (git-fixes).\n- mmc: wbsd: fix return value check of mmc_add_host() (git-fixes).\n- mmc: wmt-sdmmc: fix return value check of mmc_add_host() (git-fixes).\n- module: change to print useful messages from elf_validity_check() (git-fixes).\n- module: fix [e_shstrndx].sh_size=0 OOB access (git-fixes).\n- mt76: stop the radar detector after leaving dfs channel (git-fixes).\n- mtd: Fix device name leak when register device failed in add_mtd_device() (git-fixes).\n- mtd: lpddr2_nvm: Fix possible null-ptr-deref (git-fixes).\n- mtd: maps: pxa2xx-flash: fix memory leak in probe (git-fixes).\n- mtd: spi-nor: Check for zero erase size in spi_nor_find_best_erase_type() (git-fixes).\n- mtd: spi-nor: Fix the number of bytes for the dummy cycles (git-fixes).\n- mtd: spi-nor: hide jedec_id sysfs attribute if not present (git-fixes).\n- net: allow retransmitting a TCP packet if original is still in queue (bsc#1188605 bsc#1187428 bsc#1206619).\n- net: mana: Fix race on per-CQ variable napi work_done (git-fixes).\n- net: phy: xgmiitorgmii: Fix refcount leak in xgmiitorgmii_probe (git-fixes).\n- net: usb: qmi_wwan: add u-blox 0x1342 composition (git-fixes).\n- net: usb: smsc95xx: fix external PHY reset (git-fixes).\n- net/mlx5: Fix mlx5_get_next_dev() peer device matching (bsc#1206536).\n- net/mlx5: Lag, filter non compatible devices (bsc#1206536).\n- netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find() (bsc#1204614).\n- nfc: Fix potential resource leaks (git-fixes).\n- nfc: pn533: Clear nfc_target before being used (git-fixes).\n- nfc: pn533: Wait for out_urb's completion in pn533_usb_send_frame() (git-fixes).\n- NFS: Handle missing attributes in OPEN reply (bsc#1203740).\n- nilfs2: fix shift-out-of-bounds due to too large exponent of block size (git-fixes).\n- nilfs2: fix shift-out-of-bounds/overflow in nilfs_sb2_bad_offset() (git-fixes).\n- octeontx2-af: Add PTP PPS Errata workaround on CN10K silicon (jsc#SLE-24682).\n- octeontx2-af: Allow mkex profile without DMAC and add L2M/L2B header extraction support (jsc#SLE-24682).\n- octeontx2-af: Do not reset previous pfc config (jsc#SLE-24682).\n- octeontx2-af: fix operand size in bitwise operation (jsc#SLE-24682).\n- octeontx2-af: Initialize PTP_SEC_ROLLOVER register properly (jsc#SLE-24682).\n- octeontx2-af: Limit link bringup time at firmware (jsc#SLE-24682).\n- octeontx2-af: return correct ptp timestamp for CN10K silicon (jsc#SLE-24682).\n- octeontx2-af: Set NIX link credits based on max LMAC (jsc#SLE-24682).\n- octeontx2-af: Skip CGX/RPM probe incase of zero lmac count (jsc#SLE-24682).\n- octeontx2-pf: Add egress PFC support (jsc#SLE-24682).\n- octeontx2-pf: Add support for ptp 1-step mode on CN10K silicon (jsc#SLE-24682).\n- octeontx2-pf: Fix lmtst ID used in aura free (jsc#SLE-24682).\n- octeontx2-pf: Fix pfc_alloc_status array overflow (jsc#SLE-24682).\n- octeontx2-pf: Fix SQE threshold checking (jsc#SLE-24682).\n- octeontx2-pf: Fix unused variable build error (jsc#SLE-24682).\n- octeontx2-pf: NIX TX overwrites SQ_CTX_HW_S[SQ_INT] (jsc#SLE-24682).\n- octeontx2-pf: Reduce minimum mtu size to 60 (jsc#SLE-24682).\n- octeontx2: Modify mbox request and response structures (jsc#SLE-24682).\n- padata: Fix list iterator in padata_do_serial() (git-fixes).\n- PCI: Check for alloc failure in pci_request_irq() (git-fixes).\n- PCI: dwc: Fix n_fts[] array overrun (git-fixes).\n- PCI: Fix pci_device_is_present() for VFs by checking PF (git-fixes).\n- PCI: pci-epf-test: Register notifier if only core_init_notifier is enabled (git-fixes).\n- PCI: vmd: Disable MSI remapping after suspend (git-fixes).\n- PCI/sysfs: Fix double free in error path (git-fixes).\n- phy: usb: s2 WoL wakeup_count not incremented for USB->Eth devices (git-fixes).\n- pinctrl: k210: call of_node_put() (git-fixes).\n- pinctrl: meditatek: Startup with the IRQs disabled (git-fixes).\n- pinctrl: pinconf-generic: add missing of_node_put() (git-fixes).\n- platform/chrome: cros_ec_typec: Cleanup switch handle return paths (git-fixes).\n- platform/chrome: cros_usbpd_notify: Fix error handling in cros_usbpd_notify_init() (git-fixes).\n- platform/mellanox: mlxbf-pmc: Fix event typo (git-fixes).\n- platform/x86: huawei-wmi: fix return value calculation (git-fixes).\n- platform/x86: intel_scu_ipc: fix possible name leak in __intel_scu_ipc_register() (git-fixes).\n- platform/x86: mxm-wmi: fix memleak in mxm_wmi_call_mx[ds|mx]() (git-fixes).\n- PM: hibernate: Fix mistake in kerneldoc comment (git-fixes).\n- PM: runtime: Do not call __rpm_callback() from rpm_idle() (git-fixes).\n- PNP: fix name memory leak in pnp_alloc_dev() (git-fixes).\n- power: supply: ab8500: Fix error handling in ab8500_charger_init() (git-fixes).\n- power: supply: fix null pointer dereferencing in power_supply_get_battery_info (git-fixes).\n- power: supply: fix residue sysfs file in error handle route of __power_supply_register() (git-fixes).\n- power: supply: z2_battery: Fix possible memleak in z2_batt_probe() (git-fixes).\n- powerpc: export the CPU node count (bsc#1207016 ltc#201108).\n- powerpc: Take in account addition CPU node when building kexec FDT (bsc#1207016 ltc#201108).\n- powerpc/64: Init jump labels before parse_early_param() (bsc#1065729).\n- powerpc/pci: Fix get_phb_number() locking (bsc#1065729).\n- powerpc/perf: callchain validate kernel stack pointer bounds (bsc#1065729).\n- powerpc/powernv: add missing of_node_put (bsc#1065729).\n- powerpc/pseries: unregister VPA when hot unplugging a CPU (bsc#1205695 ltc#200603).\n- powerpc/pseries/eeh: use correct API for error log size (bsc#1065729).\n- powerpc/rtas: avoid device tree lookups in rtas_os_term() (bsc#1065729).\n- powerpc/rtas: avoid scheduling in rtas_os_term() (bsc#1065729).\n- powerpc/xive: add missing iounmap() in error path in xive_spapr_populate_irq_data() (git-fixes).\n- powerpc/xive/spapr: correct bitmap allocation size (git-fixes).\n- proc: fixup uptime selftest (git-fixes).\n- pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP (git-fixes).\n- pstore: Make sure CONFIG_PSTORE_PMSG selects CONFIG_RT_MUTEXES (git-fixes).\n- pstore: Properly assign mem_type property (git-fixes).\n- pstore: Switch pmsg_lock to an rt_mutex to avoid priority inversion (git-fixes).\n- pstore/ram: Fix error return code in ramoops_probe() (git-fixes).\n- pstore/zone: Use GFP_ATOMIC to allocate zone buffer (git-fixes).\n- pwm: lpc18xx-sct: Fix a comment to match code (git-fixes).\n- pwm: mediatek: always use bus clock for PWM on MT7622 (git-fixes).\n- pwm: sifive: Call pwm_sifive_update_clock() while mutex is held (git-fixes).\n- pwm: tegra: Improve required rate calculation (git-fixes).\n- r6040: Fix kmemleak in probe and remove (git-fixes).\n- random: allow partial reads if later user copies fail (bsc#1204911).\n- random: check for signals every PAGE_SIZE chunk of /dev/random (bsc#1204911).\n- random: convert to using fops->read_iter() (bsc#1204911).\n- random: convert to using fops->write_iter() (bsc#1204911).\n- random: remove outdated INT_MAX >> 6 check in urandom_read() (bsc#1204911).\n- random: zero buffer after reading entropy from userspace (bsc#1204911).\n- RDMA: Disable IB HW for UML (git-fixes)\n- RDMA/core: Fix order of nldev_exit call (git-fixes)\n- RDMA/core: Make sure 'ib_port' is valid when access sysfs node (git-fixes)\n- RDMA/efa: Add EFA 0xefa2 PCI ID (git-fixes)\n- RDMA/hfi: Decrease PCI device reference count in error path (git-fixes)\n- RDMA/hfi1: Fix error return code in parse_platform_config() (git-fixes)\n- RDMA/hns: Fix AH attr queried by query_qp (git-fixes)\n- RDMA/hns: Fix error code of CMD (git-fixes)\n- RDMA/hns: Fix ext_sge num error when post send (git-fixes)\n- RDMA/hns: fix memory leak in hns_roce_alloc_mr() (git-fixes)\n- RDMA/hns: Fix page size cap from firmware (git-fixes)\n- RDMA/hns: Fix PBL page MTR find (git-fixes)\n- RDMA/hns: Fix XRC caps on HIP08 (git-fixes)\n- RDMA/hns: Repacing 'dseg_len' by macros in fill_ext_sge_inl_data() (git-fixes)\n- RDMA/irdma: Do not request 2-level PBLEs for CQ alloc (git-fixes)\n- RDMA/irdma: Initialize net_type before checking it (git-fixes)\n- RDMA/irdma: Report the correct link speed (git-fixes)\n- RDMA/nldev: Add checks for nla_nest_start() in fill_stat_counter_qps() (git-fixes)\n- RDMA/nldev: Fix failure to send large messages (git-fixes)\n- RDMA/nldev: Return '-EAGAIN' if the cm_id isn't from expected port (git-fixes)\n- RDMA/restrack: Release MR restrack when delete (git-fixes)\n- RDMA/rxe: Fix NULL-ptr-deref in rxe_qp_do_cleanup() when socket create failed (git-fixes)\n- RDMA/siw: Fix immediate work request flush to completion queue (git-fixes)\n- RDMA/siw: Fix pointer cast warning (git-fixes)\n- RDMA/siw: Set defined status for work completion with undefined status (git-fixes)\n- RDMA/srp: Fix error return code in srp_parse_options() (git-fixes)\n- regulator: bd718x7: Drop unnecessary info print (git-fixes).\n- regulator: core: fix deadlock on regulator enable (git-fixes).\n- regulator: core: fix module refcount leak in set_supply() (git-fixes).\n- regulator: core: fix resource leak in regulator_register() (git-fixes).\n- regulator: core: fix unbalanced of node refcount in regulator_dev_lookup() (git-fixes).\n- regulator: core: fix use_count leakage when handling boot-on (git-fixes).\n- regulator: core: use kfree_const() to free space conditionally (git-fixes).\n- regulator: qcom-labibb: Fix missing of_node_put() in qcom_labibb_regulator_probe() (git-fixes).\n- regulator: qcom-rpmh: Fix PMR735a S3 regulator spec (git-fixes).\n- regulator: slg51000: Wait after asserting CS pin (git-fixes).\n- regulator: twl6030: fix get status of twl6032 regulators (git-fixes).\n- remoteproc: core: Do pm_relax when in RPROC_OFFLINE state (git-fixes).\n- remoteproc: qcom_q6v5_pas: detach power domains on remove (git-fixes).\n- remoteproc: qcom_q6v5_pas: disable wakeup on probe fail or remove (git-fixes).\n- remoteproc: qcom_q6v5_pas: Fix missing of_node_put() in adsp_alloc_memory_region() (git-fixes).\n- remoteproc: qcom: q6v5: Fix missing clk_disable_unprepare() in q6v5_wcss_qcs404_power_on() (git-fixes).\n- remoteproc: qcom: q6v5: Fix potential null-ptr-deref in q6v5_wcss_init_mmio() (git-fixes).\n- remoteproc: sysmon: fix memory leak in qcom_add_sysmon_subdev() (git-fixes).\n- restore m_can_lec_type (git-fixes).\n- rtc: cmos: fix build on non-ACPI platforms (git-fixes).\n- rtc: cmos: Fix event handler registration ordering issue (git-fixes).\n- rtc: cmos: Fix wake alarm breakage (git-fixes).\n- rtc: ds1347: fix value written to century register (git-fixes).\n- rtc: mxc_v2: Add missing clk_disable_unprepare() (git-fixes).\n- rtc: pcf85063: fix pcf85063_clkout_control (gut-fixes).\n- rtc: pcf85063: Fix reading alarm (git-fixes).\n- rtc: pic32: Move devm_rtc_allocate_device earlier in pic32_rtc_probe() (git-fixes).\n- rtc: rtc-cmos: Do not check ACPI_FADT_LOW_POWER_S0 (git-fixes).\n- rtc: snvs: Allow a time difference on clock register read (git-fixes).\n- rtc: st-lpc: Add missing clk_disable_unprepare in st_rtc_probe() (git-fixes).\n- rtmutex: Add acquire semantics for rtmutex lock acquisition slow path (bnc#1203829).\n- s390/boot: add secure boot trailer (bsc#1205257 LTC#200451).\n- sbitmap: fix lockup while swapping (bsc#1206602).\n- sched/core: Fix comparison in sched_group_cookie_match() (git-fixes)\n- sched/core: Fix the bug that task won't enqueue into core (git-fixes)\n- sched/topology: Remove redundant variable and fix incorrect (git-fixes)\n- sched/uclamp: Fix relationship between uclamp and migration (git-fixes)\n- sched/uclamp: Make task_fits_capacity() use util_fits_cpu() (git-fixes)\n- scsi: 3w-9xxx: Avoid disabling device if failing to enable it (git-fixes).\n- scsi: advansys: Fix kernel pointer leak (git-fixes).\n- scsi: aha152x: Fix aha152x_setup() __setup handler return value (git-fixes).\n- scsi: bfa: Replace snprintf() with sysfs_emit() (git-fixes).\n- scsi: core: Fix sbitmap depth in scsi_realloc_sdev_budget_map() (git-fixes).\n- scsi: core: Fix scsi_mode_sense() buffer length handling (git-fixes).\n- scsi: core: Reallocate device's budget map on queue depth change (git-fixes).\n- scsi: core: Restrict legal sdev_state transitions via sysfs (git-fixes).\n- scsi: hisi_sas: Free irq vectors in order for v3 HW (git-fixes).\n- scsi: hisi_sas: Limit max hw sectors for v3 HW (git-fixes).\n- scsi: hisi_sas: Use managed PCI functions (git-fixes).\n- scsi: ipr: Fix missing/incorrect resource cleanup in error case (git-fixes).\n- scsi: iscsi: Add recv workqueue helpers (git-fixes).\n- scsi: iscsi: Fix harmless double shift bug (git-fixes).\n- scsi: iscsi: Fix possible memory leak when device_register() failed (git-fixes).\n- scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername() (git-fixes).\n- scsi: iscsi: kabi: add iscsi_conn_queue_work back (git-fixes).\n- scsi: iscsi: kabi: fix libiscsi new field (git-fixes).\n- scsi: iscsi: Merge suspend fields (git-fixes).\n- scsi: iscsi: Rename iscsi_conn_queue_work() (git-fixes).\n- scsi: iscsi: Run recv path from workqueue (git-fixes).\n- scsi: iscsi: Unblock session then wake up error handler (git-fixes).\n- scsi: libfc: Fix use after free in fc_exch_abts_resp() (git-fixes).\n- scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown() (git-fixes).\n- scsi: lpfc: Correct bandwidth logging during receipt of congestion sync WCQE (jsc#PED-1445).\n- scsi: lpfc: Fix crash involving race between FLOGI timeout and devloss handler (jsc#PED-1445).\n- scsi: lpfc: Fix MI capability display in cmf_info sysfs attribute (jsc#PED-1445).\n- scsi: lpfc: Fix WQ|CQ|EQ resource check (jsc#PED-1445).\n- scsi: lpfc: Remove linux/msi.h include (jsc#PED-1445).\n- scsi: lpfc: Remove redundant pointer 'lp' (jsc#PED-1445).\n- scsi: lpfc: Update lpfc version to 14.2.0.9 (jsc#PED-1445).\n- scsi: lpfc: Use memset_startat() helper (jsc#PED-1445).\n- scsi: megaraid_sas: Fix double kfree() (git-fixes).\n- scsi: megaraid_sas: Target with invalid LUN ID is deleted during scan (git-fixes).\n- scsi: megaraid: Fix error check return value of register_chrdev() (git-fixes).\n- scsi: mpi3mr: Fix memory leaks (git-fixes).\n- scsi: mpi3mr: Fix reporting of actual data transfer size (git-fixes).\n- scsi: mpi3mr: Fixes around reply request queues (git-fixes).\n- scsi: mpt3sas: Do not change DMA mask while reallocating pools (bsc#1206912,bsc#1206098).\n- scsi: mpt3sas: Fail reset operation if config request timed out (git-fixes).\n- scsi: mpt3sas: Fix out-of-bounds compiler warning (git-fixes).\n- scsi: mpt3sas: re-do lost mpt3sas DMA mask fix (bsc#1206912,bsc#1206098).\n- scsi: mpt3sas: Remove usage of dma_get_required_mask() API (bsc#1206912,bsc#1206098).\n- scsi: mvsas: Add PCI ID of RocketRaid 2640 (git-fixes).\n- scsi: mvsas: Replace snprintf() with sysfs_emit() (git-fixes).\n- scsi: myrb: Fix up null pointer access on myrb_cleanup() (git-fixes).\n- scsi: myrs: Fix crash in error case (git-fixes).\n- scsi: ncr53c8xx: Remove unused retrieve_from_waiting_list() function (git-fixes).\n- scsi: pm8001: Fix bogus FW crash for maxcpus=1 (git-fixes).\n- scsi: pm8001: Fix memory leak in pm8001_chip_fw_flash_update_req() (git-fixes).\n- scsi: pm8001: Fix pm8001_mpi_task_abort_resp() (git-fixes).\n- scsi: pm8001: Fix pm80xx_pci_mem_copy() interface (git-fixes).\n- scsi: pm8001: Fix tag leaks on error (git-fixes).\n- scsi: pm8001: Fix task leak in pm8001_send_abort_all() (git-fixes).\n- scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task (git-fixes).\n- scsi: pm8001: Fix use-after-free for aborted TMF sas_task (git-fixes).\n- scsi: pm80xx: Fix double completion for SATA devices (git-fixes).\n- scsi: pm80xx: Fix memory leak during rmmod (git-fixes).\n- scsi: pmcraid: Fix missing resource cleanup in error case (git-fixes).\n- scsi: qedf: Add stag_work to all the vports (git-fixes).\n- scsi: qedf: Change context reset messages to ratelimited (git-fixes).\n- scsi: qedf: Fix a UAF bug in __qedf_probe() (git-fixes).\n- scsi: qedf: Fix refcount issue when LOGO is received during TMF (git-fixes).\n- scsi: qla2xxx: Fix crash when I/O abort times out (jsc#PED-568).\n- scsi: qla2xxx: Fix set-but-not-used variable warnings (jsc#PED-568).\n- scsi: qla2xxx: Initialize vha->unknown_atio_[list, work] for NPIV hosts (jsc#PED-568).\n- scsi: qla2xxx: Remove duplicate of vha->iocb_work initialization (jsc#PED-568).\n- scsi: qla2xxx: Remove unused variable 'found_devs' (jsc#PED-568).\n- scsi: scsi_debug: Fix out-of-bound read in resp_readcap16() (git-fixes).\n- scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() (git-fixes).\n- scsi: scsi_debug: Fix possible UAF in sdebug_add_host_helper() (git-fixes).\n- scsi: scsi_debug: Make the READ CAPACITY response compliant with ZBC (git-fixes).\n- scsi: scsi_dh_alua: Properly handle the ALUA transitioning state (git-fixes).\n- scsi: smartpqi: Fix kdump issue when controller is locked up (git-fixes).\n- scsi: sr: Do not use GFP_DMA (git-fixes).\n- scsi: ufs: core: Fix ufshcd_probe_hba() prototype to match the definition (git-fixes).\n- scsi: ufs: Fix a kernel crash during shutdown (git-fixes).\n- scsi: ufs: Treat link loss as fatal error (git-fixes).\n- scsi: ufs: ufshcd-pltfrm: Check the return value of devm_kstrdup() (git-fixes).\n- scsi: ufs: Use generic error code in ufshcd_set_dev_pwr_mode() (git-fixes).\n- scsi: ufs: Use pm_runtime_resume_and_get() instead of pm_runtime_get_sync() (git-fixes).\n- scsi: vmw_pvscsi: Expand vcpuHint to 16 bits (git-fixes).\n- sctp: sysctl: make extra pointers netns aware (bsc#1204760).\n- selftests: devlink: fix the fd redirect in dummy_reporter_test (git-fixes).\n- selftests: set the BUILD variable to absolute path (git-fixes).\n- selftests: Use optional USERCFLAGS and USERLDFLAGS (git-fixes).\n- selftests/efivarfs: Add checking of the test return value (git-fixes).\n- selftests/ftrace: event_triggers: wait longer for test_event_enable (git-fixes).\n- selftests/powerpc: Fix resource leaks (git-fixes).\n- serial: 8250_bcm7271: Fix error handling in brcmuart_init() (git-fixes).\n- serial: amba-pl011: avoid SBSA UART accessing DMACR register (git-fixes).\n- serial: pch: Fix PCI device refcount leak in pch_request_dma() (git-fixes).\n- serial: pl011: Do not clear RX FIFO & RX interrupt in unthrottle (git-fixes).\n- serial: stm32: move dma_request_chan() before clk_prepare_enable() (git-fixes).\n- serial: sunsab: Fix error handling in sunsab_init() (git-fixes).\n- serial: tegra: Read DMA status before terminating (git-fixes).\n- soc: mediatek: pm-domains: Fix the power glitch issue (git-fixes).\n- soc: qcom: llcc: make irq truly optional (git-fixes).\n- soc: qcom: Select REMAP_MMIO for LLCC driver (git-fixes).\n- soc: ti: knav_qmss_queue: Fix PM disable depth imbalance in knav_queue_probe (git-fixes).\n- soc: ti: knav_qmss_queue: Use pm_runtime_resume_and_get instead of pm_runtime_get_sync (git-fixes).\n- soc: ti: smartreflex: Fix PM disable depth imbalance in omap_sr_probe (git-fixes).\n- soundwire: dmi-quirks: add quirk variant for LAPBC710 NUC15 (git-fixes).\n- spi: spi-gpio: Do not set MOSI as an input if not 3WIRE mode (git-fixes).\n- spi: spidev: mask SPI_CS_HIGH in SPI_IOC_RD_MODE (git-fixes).\n- spi: Update reference to struct spi_controller (git-fixes).\n- staging: media: tegra-video: fix chan->mipi value on error (git-fixes).\n- staging: media: tegra-video: fix device_node use after free (git-fixes).\n- staging: rtl8192e: Fix potential use-after-free in rtllib_rx_Monitor() (git-fixes).\n- staging: rtl8192u: Fix use after free in ieee80211_rx() (git-fixes).\n- string.h: Introduce memset_startat() for wiping trailing members and padding (jsc#PED-1445).\n- test_firmware: fix memory leak in test_firmware_init() (git-fixes).\n- thermal: core: fix some possible name leaks in error paths (git-fixes).\n- thermal: int340x: Add missing attribute for data rate base (git-fixes).\n- thermal/drivers/imx8mm_thermal: Validate temperature range (git-fixes).\n- thermal/drivers/qcom/temp-alarm: Fix inaccurate warning for gen2 (git-fixes).\n- timers: implement usleep_idle_range() (git-fixes).\n- tpm: acpi: Call acpi_put_table() to fix memory leak (git-fixes).\n- tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak (git-fixes).\n- tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak (git-fixes).\n- tpm/tpm_crb: Fix error message in __crb_relinquish_locality() (git-fixes).\n- tpm/tpm_ftpm_tee: Fix error handling in ftpm_mod_init() (git-fixes).\n- tracing: Add tracing_reset_all_online_cpus_unlocked() function (git-fixes).\n- tracing: Free buffers when a used dynamic event is removed (git-fixes).\n- tracing/doc: Fix typos on the timerlat tracer documentation (git-fixes).\n- tracing/osnoise: Fix duration type (git-fixes).\n- tty: serial: altera_uart_{r,t}x_chars() need only uart_port (git-fixes).\n- tty: serial: clean up stop-tx part in altera_uart_tx_chars() (git-fixes).\n- uio: uio_dmem_genirq: Fix deadlock between irq config and handling (git-fixes).\n- uio: uio_dmem_genirq: Fix missing unlock in irq configuration (git-fixes).\n- units: Add SI metric prefix definitions (git-fixes).\n- units: add the HZ macros (git-fixes).\n- usb: cdnsp: fix lack of ZLP for ep0 (git-fixes).\n- usb: dwc3: core: defer probe on ulpi_read_id timeout (git-fixes).\n- usb: dwc3: fix PHY disable sequence (git-fixes).\n- usb: dwc3: Fix race between dwc3_set_mode and __dwc3_set_mode (git-fixes).\n- usb: dwc3: gadget: Disable GUSB2PHYCFG.SUSPHY for End Transfer (git-fixes).\n- usb: dwc3: pci: Update PCIe device ID for USB3 controller on CPU sub-system for Raptor Lake (git-fixes).\n- usb: dwc3: qcom: fix runtime PM wakeup (git-fixes).\n- usb: gadget: uvc: Prevent buffer overflow in setup handler (git-fixes).\n- usb: gadget: uvc: Rename bmInterfaceFlags -> bmInterlaceFlags (git-fixes).\n- usb: rndis_host: Secure rndis_query check against int overflow (git-fixes).\n- usb: roles: fix of node refcount leak in usb_role_switch_is_parent() (git-fixes).\n- usb: serial: cp210x: add Kamstrup RF sniffer PIDs (git-fixes).\n- usb: serial: f81232: fix division by zero on line-speed change (git-fixes).\n- usb: serial: f81534: fix division by zero on line-speed change (git-fixes).\n- usb: serial: option: add Quectel EM05-G modem (git-fixes).\n- usb: storage: Add check for kcalloc (git-fixes).\n- usb: typec: Check for ops->exit instead of ops->enter in altmode_exit (git-fixes).\n- usb: typec: Factor out non-PD fwnode properties (git-fixes).\n- usb: typec: tcpci: fix of node refcount leak in tcpci_register_port() (git-fixes).\n- usb: typec: tipd: Cleanup resources if devm_tps6598_psy_register fails (git-fixes).\n- usb: typec: tipd: Fix spurious fwnode_handle_put in error path (git-fixes).\n- usb: ulpi: defer ulpi_register on ulpi_read_id timeout (git-fixes).\n- usb: xhci-mtk: fix leakage of shared hcd when fail to set wakeup irq (git-fixes).\n- vdpa_sim: fix possible memory leak in vdpasim_net_init() and vdpasim_blk_init() (git-fixes).\n- vdpa_sim: fix vringh initialization in vdpasim_queue_ready() (git-fixes).\n- vfio: platform: Do not pass return buffer to ACPI _RST method (git-fixes).\n- vhost: fix range used in translate_desc() (git-fixes).\n- vhost/vsock: Fix error handling in vhost_vsock_init() (git-fixes).\n- vmxnet3: correctly report csum_level for encapsulated packet (git-fixes).\n- vringh: fix range used in iotlb_translate() (git-fixes).\n- vsock: Enable y2038 safe timeval for timeout (bsc#1206101).\n- vsock: Refactor vsock_*_getsockopt to resemble sock_getsockopt (bsc#1206101).\n- wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out (git-fixes).\n- wifi: ath10k: Fix return value in ath10k_pci_init() (git-fixes).\n- wifi: ath9k: hif_usb: fix memory leak of urbs in ath9k_hif_usb_dealloc_tx_urbs() (git-fixes).\n- wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb() (git-fixes).\n- wifi: ath9k: verify the expected usb_endpoints are present (git-fixes).\n- wifi: brcmfmac: Fix error return code in brcmf_sdio_download_firmware() (git-fixes).\n- wifi: brcmfmac: Fix potential shift-out-of-bounds in brcmf_fw_alloc_request() (git-fixes).\n- wifi: cfg80211: Fix not unregister reg_pdev when load_builtin_regdb_keys() fails (git-fixes).\n- wifi: iwlwifi: mvm: fix double free on tx path (git-fixes).\n- wifi: mac80211: fix memory leak in ieee80211_if_add() (git-fixes).\n- wifi: mt76: do not run mt76u_status_worker if the device is not running (git-fixes).\n- wifi: mt76: fix coverity overrun-call in mt76_get_txpower() (git-fixes).\n- wifi: rsi: Fix handling of 802.3 EAPOL frames sent via control port (git-fixes).\n- wifi: rtl8xxxu: Add __packed to struct rtl8723bu_c2h (git-fixes).\n- wifi: rtl8xxxu: Fix the channel width reporting (git-fixes).\n- wifi: rtl8xxxu: gen2: Turn on the rate control (git-fixes).\n- wifi: rtw89: fix physts IE page check (git-fixes).\n- wifi: rtw89: Fix some error handling path in rtw89_core_sta_assoc() (git-fixes).\n- wifi: rtw89: use u32_encode_bits() to fill MAC quota value (git-fixes).\n- wifi: wilc1000: sdio: fix module autoloading (git-fixes).\n- xfrm: Fix oops in __xfrm_state_delete() (bsc#1206794).\n- xhci: Apply XHCI_RESET_TO_DEFAULT quirk to ADL-N (git-fixes).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2023-146,SUSE-SLE-Module-Public-Cloud-15-SP4-2023-146,openSUSE-SLE-15.4-2023-146", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_0146-1.json", }, { category: "self", summary: "URL for SUSE-SU-2023:0146-1", url: "https://www.suse.com/support/update/announcement/2023/suse-su-20230146-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2023:0146-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-January/013527.html", }, { category: "self", summary: "SUSE Bug 1065729", url: "https://bugzilla.suse.com/1065729", }, { category: "self", summary: "SUSE Bug 1187428", url: "https://bugzilla.suse.com/1187428", }, { category: "self", summary: "SUSE Bug 1188605", url: "https://bugzilla.suse.com/1188605", }, { category: "self", summary: "SUSE Bug 1190969", url: "https://bugzilla.suse.com/1190969", }, { category: "self", summary: "SUSE Bug 1191259", url: "https://bugzilla.suse.com/1191259", }, { category: "self", summary: "SUSE Bug 1193629", url: "https://bugzilla.suse.com/1193629", }, { category: "self", summary: "SUSE Bug 1199294", url: "https://bugzilla.suse.com/1199294", }, { category: "self", summary: "SUSE Bug 1201068", url: "https://bugzilla.suse.com/1201068", }, { category: "self", summary: "SUSE Bug 1203219", url: "https://bugzilla.suse.com/1203219", }, { category: "self", summary: "SUSE Bug 1203740", url: "https://bugzilla.suse.com/1203740", }, { category: "self", summary: "SUSE Bug 1203829", url: "https://bugzilla.suse.com/1203829", }, { category: "self", summary: "SUSE Bug 1204614", url: "https://bugzilla.suse.com/1204614", }, { category: "self", summary: "SUSE Bug 1204652", url: "https://bugzilla.suse.com/1204652", }, { category: "self", summary: "SUSE Bug 1204760", url: "https://bugzilla.suse.com/1204760", }, { category: "self", summary: "SUSE Bug 1204911", url: "https://bugzilla.suse.com/1204911", }, { category: "self", summary: "SUSE Bug 1204989", url: "https://bugzilla.suse.com/1204989", }, { category: "self", summary: "SUSE Bug 1205257", url: "https://bugzilla.suse.com/1205257", }, { category: "self", summary: "SUSE Bug 1205263", url: "https://bugzilla.suse.com/1205263", }, { category: "self", summary: "SUSE Bug 1205485", url: "https://bugzilla.suse.com/1205485", }, { category: "self", summary: "SUSE Bug 1205496", url: "https://bugzilla.suse.com/1205496", }, { category: "self", summary: "SUSE Bug 1205601", url: "https://bugzilla.suse.com/1205601", }, { category: "self", summary: "SUSE Bug 1205695", url: "https://bugzilla.suse.com/1205695", }, { category: "self", summary: "SUSE Bug 1206073", url: "https://bugzilla.suse.com/1206073", }, { category: "self", summary: "SUSE Bug 1206098", url: "https://bugzilla.suse.com/1206098", }, { category: "self", summary: "SUSE Bug 1206101", url: "https://bugzilla.suse.com/1206101", }, { category: "self", summary: "SUSE Bug 1206188", url: "https://bugzilla.suse.com/1206188", }, { category: "self", summary: "SUSE Bug 1206209", url: "https://bugzilla.suse.com/1206209", }, { category: "self", summary: "SUSE Bug 1206344", url: "https://bugzilla.suse.com/1206344", }, { category: "self", summary: "SUSE Bug 1206389", url: "https://bugzilla.suse.com/1206389", }, { category: "self", summary: "SUSE Bug 1206390", url: "https://bugzilla.suse.com/1206390", }, { category: "self", summary: "SUSE Bug 1206391", url: "https://bugzilla.suse.com/1206391", }, { category: "self", summary: "SUSE Bug 1206393", url: "https://bugzilla.suse.com/1206393", }, { category: "self", summary: "SUSE Bug 1206394", url: "https://bugzilla.suse.com/1206394", }, { category: "self", summary: "SUSE Bug 1206395", url: "https://bugzilla.suse.com/1206395", }, { category: "self", summary: "SUSE Bug 1206396", url: "https://bugzilla.suse.com/1206396", }, { category: "self", summary: "SUSE Bug 1206397", url: "https://bugzilla.suse.com/1206397", }, { category: "self", summary: "SUSE Bug 1206398", url: "https://bugzilla.suse.com/1206398", }, { category: "self", summary: "SUSE Bug 1206399", url: "https://bugzilla.suse.com/1206399", }, { category: "self", summary: "SUSE Bug 1206456", url: "https://bugzilla.suse.com/1206456", }, { category: "self", summary: "SUSE Bug 1206468", url: "https://bugzilla.suse.com/1206468", }, { category: "self", summary: "SUSE Bug 1206515", url: "https://bugzilla.suse.com/1206515", }, { category: "self", summary: "SUSE Bug 1206536", url: "https://bugzilla.suse.com/1206536", }, { category: "self", summary: "SUSE Bug 1206554", url: "https://bugzilla.suse.com/1206554", }, { category: "self", summary: "SUSE Bug 1206602", url: "https://bugzilla.suse.com/1206602", }, { category: "self", summary: "SUSE Bug 1206619", url: "https://bugzilla.suse.com/1206619", }, { category: "self", summary: "SUSE Bug 1206664", url: "https://bugzilla.suse.com/1206664", }, { category: "self", summary: "SUSE Bug 1206703", url: "https://bugzilla.suse.com/1206703", }, { category: "self", summary: "SUSE Bug 1206794", url: "https://bugzilla.suse.com/1206794", }, { category: "self", summary: "SUSE Bug 1206896", url: "https://bugzilla.suse.com/1206896", }, { category: "self", summary: "SUSE Bug 1206912", url: "https://bugzilla.suse.com/1206912", }, { category: "self", summary: "SUSE Bug 1207016", url: "https://bugzilla.suse.com/1207016", }, { category: "self", summary: "SUSE CVE CVE-2022-3104 page", url: "https://www.suse.com/security/cve/CVE-2022-3104/", }, { category: "self", summary: "SUSE CVE CVE-2022-3105 page", url: "https://www.suse.com/security/cve/CVE-2022-3105/", }, { category: "self", summary: "SUSE CVE CVE-2022-3106 page", url: "https://www.suse.com/security/cve/CVE-2022-3106/", }, { category: "self", summary: "SUSE CVE CVE-2022-3107 page", url: "https://www.suse.com/security/cve/CVE-2022-3107/", }, { category: "self", summary: "SUSE CVE CVE-2022-3108 page", url: "https://www.suse.com/security/cve/CVE-2022-3108/", }, { category: "self", summary: "SUSE CVE CVE-2022-3111 page", url: "https://www.suse.com/security/cve/CVE-2022-3111/", }, { category: "self", summary: "SUSE CVE CVE-2022-3112 page", url: "https://www.suse.com/security/cve/CVE-2022-3112/", }, { category: "self", summary: "SUSE CVE CVE-2022-3113 page", url: "https://www.suse.com/security/cve/CVE-2022-3113/", }, { category: "self", summary: "SUSE CVE CVE-2022-3114 page", url: "https://www.suse.com/security/cve/CVE-2022-3114/", }, { category: "self", summary: "SUSE CVE CVE-2022-3115 page", url: "https://www.suse.com/security/cve/CVE-2022-3115/", }, { category: "self", summary: "SUSE CVE CVE-2022-3344 page", url: "https://www.suse.com/security/cve/CVE-2022-3344/", }, { category: "self", summary: "SUSE CVE CVE-2022-3564 page", url: "https://www.suse.com/security/cve/CVE-2022-3564/", }, { category: "self", summary: "SUSE CVE CVE-2022-4379 page", url: "https://www.suse.com/security/cve/CVE-2022-4379/", }, { category: "self", summary: "SUSE CVE CVE-2022-4662 page", url: "https://www.suse.com/security/cve/CVE-2022-4662/", }, { category: "self", summary: "SUSE CVE CVE-2022-47520 page", url: "https://www.suse.com/security/cve/CVE-2022-47520/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2023-01-26T08:17:55Z", generator: { date: "2023-01-26T08:17:55Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2023:0146-1", initial_release_date: "2023-01-26T08:17:55Z", revision_history: [ { date: "2023-01-26T08:17:55Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", product: { name: "cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", product_id: "cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", }, }, { category: "product_version", name: "dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", product: { name: "dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", product_id: "dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", }, }, { category: "product_version", name: "gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", product: { name: "gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", product_id: "gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", }, }, { category: "product_version", name: "kernel-azure-5.14.21-150400.14.31.1.aarch64", product: { name: "kernel-azure-5.14.21-150400.14.31.1.aarch64", product_id: "kernel-azure-5.14.21-150400.14.31.1.aarch64", }, }, { category: "product_version", name: "kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", product: { name: "kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", product_id: "kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", }, }, { category: "product_version", name: "kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", product: { name: "kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", product_id: "kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", }, }, { category: "product_version", name: "kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", product: { name: "kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", product_id: "kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", }, }, { category: "product_version", name: "kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", product: { name: "kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", product_id: "kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", }, }, { category: "product_version", name: "kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", product: { name: "kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", product_id: "kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", }, }, { category: "product_version", name: "kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", product: { name: "kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", product_id: "kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", }, }, { category: "product_version", name: "ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", product: { name: "ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", product_id: "ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", }, }, { category: "product_version", name: "reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", product: { name: "reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", product_id: "reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "kernel-devel-azure-5.14.21-150400.14.31.1.noarch", product: { name: "kernel-devel-azure-5.14.21-150400.14.31.1.noarch", product_id: "kernel-devel-azure-5.14.21-150400.14.31.1.noarch", }, }, { category: "product_version", name: "kernel-source-azure-5.14.21-150400.14.31.1.noarch", product: { name: "kernel-source-azure-5.14.21-150400.14.31.1.noarch", product_id: "kernel-source-azure-5.14.21-150400.14.31.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", product: { name: "cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", product_id: "cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", product: { name: "dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", product_id: "dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", product: { name: "gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", product_id: "gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-5.14.21-150400.14.31.1.x86_64", product: { name: "kernel-azure-5.14.21-150400.14.31.1.x86_64", product_id: "kernel-azure-5.14.21-150400.14.31.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", product: { name: "kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", product_id: "kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", product: { name: "kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", product_id: "kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", product: { name: "kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", product_id: "kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", product: { name: "kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", product_id: "kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", product: { name: "kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", product_id: "kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", product: { name: "kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", product_id: "kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", product: { name: "ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", product_id: "ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", }, }, { category: "product_version", name: "reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", product: { name: "reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", product_id: "reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", product: { name: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-public-cloud:15:sp4", }, }, }, { category: "product_name", name: "openSUSE Leap 15.4", product: { name: "openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.4", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-azure-5.14.21-150400.14.31.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", }, product_reference: "kernel-azure-5.14.21-150400.14.31.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-5.14.21-150400.14.31.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", }, product_reference: "kernel-azure-5.14.21-150400.14.31.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-devel-5.14.21-150400.14.31.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", }, product_reference: "kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-devel-5.14.21-150400.14.31.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", }, product_reference: "kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-azure-5.14.21-150400.14.31.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", }, product_reference: "kernel-devel-azure-5.14.21-150400.14.31.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-azure-5.14.21-150400.14.31.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", }, product_reference: "kernel-source-azure-5.14.21-150400.14.31.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-azure-5.14.21-150400.14.31.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", }, product_reference: "kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-azure-5.14.21-150400.14.31.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", }, product_reference: "kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", }, product_reference: "cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", }, product_reference: "cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", }, product_reference: "dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", }, product_reference: "dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", }, product_reference: "gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", }, product_reference: "gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-5.14.21-150400.14.31.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", }, product_reference: "kernel-azure-5.14.21-150400.14.31.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-5.14.21-150400.14.31.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", }, product_reference: "kernel-azure-5.14.21-150400.14.31.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-devel-5.14.21-150400.14.31.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", }, product_reference: "kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-devel-5.14.21-150400.14.31.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", }, product_reference: "kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-extra-5.14.21-150400.14.31.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", }, product_reference: "kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-extra-5.14.21-150400.14.31.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", }, product_reference: "kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", }, product_reference: "kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", }, product_reference: "kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-optional-5.14.21-150400.14.31.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", }, product_reference: "kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-optional-5.14.21-150400.14.31.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", }, product_reference: "kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-azure-5.14.21-150400.14.31.1.noarch as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", }, product_reference: "kernel-devel-azure-5.14.21-150400.14.31.1.noarch", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-azure-5.14.21-150400.14.31.1.noarch as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", }, product_reference: "kernel-source-azure-5.14.21-150400.14.31.1.noarch", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-azure-5.14.21-150400.14.31.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", }, product_reference: "kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-azure-5.14.21-150400.14.31.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", }, product_reference: "kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", }, product_reference: "kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", }, product_reference: "kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", }, product_reference: "ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", }, product_reference: "ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", }, product_reference: "reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", }, product_reference: "reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, ], }, vulnerabilities: [ { cve: "CVE-2022-3104", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3104", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3104", url: "https://www.suse.com/security/cve/CVE-2022-3104", }, { category: "external", summary: "SUSE Bug 1206396 for CVE-2022-3104", url: "https://bugzilla.suse.com/1206396", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T08:17:55Z", details: "moderate", }, ], title: "CVE-2022-3104", }, { cve: "CVE-2022-3105", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3105", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 5.16-rc6. uapi_finalize in drivers/infiniband/core/uverbs_uapi.c lacks check of kmalloc_array().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3105", url: "https://www.suse.com/security/cve/CVE-2022-3105", }, { category: "external", summary: "SUSE Bug 1206398 for CVE-2022-3105", url: "https://bugzilla.suse.com/1206398", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T08:17:55Z", details: "moderate", }, ], title: "CVE-2022-3105", }, { cve: "CVE-2022-3106", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3106", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 5.16-rc6. ef100_update_stats in drivers/net/ethernet/sfc/ef100_nic.c lacks check of the return value of kmalloc().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3106", url: "https://www.suse.com/security/cve/CVE-2022-3106", }, { category: "external", summary: "SUSE Bug 1206397 for CVE-2022-3106", url: "https://bugzilla.suse.com/1206397", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T08:17:55Z", details: "moderate", }, ], title: "CVE-2022-3106", }, { cve: "CVE-2022-3107", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3107", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 5.16-rc6. netvsc_get_ethtool_stats in drivers/net/hyperv/netvsc_drv.c lacks check of the return value of kvmalloc_array() and will cause the null pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3107", url: "https://www.suse.com/security/cve/CVE-2022-3107", }, { category: "external", summary: "SUSE Bug 1206395 for CVE-2022-3107", url: "https://bugzilla.suse.com/1206395", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T08:17:55Z", details: "moderate", }, ], title: "CVE-2022-3107", }, { cve: "CVE-2022-3108", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3108", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdup().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3108", url: "https://www.suse.com/security/cve/CVE-2022-3108", }, { category: "external", summary: "SUSE Bug 1206389 for CVE-2022-3108", url: "https://bugzilla.suse.com/1206389", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T08:17:55Z", details: "moderate", }, ], title: "CVE-2022-3108", }, { cve: "CVE-2022-3111", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3111", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3111", url: "https://www.suse.com/security/cve/CVE-2022-3111", }, { category: "external", summary: "SUSE Bug 1206394 for CVE-2022-3111", url: "https://bugzilla.suse.com/1206394", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T08:17:55Z", details: "moderate", }, ], title: "CVE-2022-3111", }, { cve: "CVE-2022-3112", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3112", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 5.16-rc6. amvdec_set_canvases in drivers/staging/media/meson/vdec/vdec_helpers.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3112", url: "https://www.suse.com/security/cve/CVE-2022-3112", }, { category: "external", summary: "SUSE Bug 1206399 for CVE-2022-3112", url: "https://bugzilla.suse.com/1206399", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T08:17:55Z", details: "moderate", }, ], title: "CVE-2022-3112", }, { cve: "CVE-2022-3113", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3113", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 5.16-rc6. mtk_vcodec_fw_vpu_init in drivers/media/platform/mtk-vcodec/mtk_vcodec_fw_vpu.c lacks check of the return value of devm_kzalloc() and will cause the null pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3113", url: "https://www.suse.com/security/cve/CVE-2022-3113", }, { category: "external", summary: "SUSE Bug 1206390 for CVE-2022-3113", url: "https://bugzilla.suse.com/1206390", }, { category: "external", summary: "SUSE Bug 1227890 for CVE-2022-3113", url: "https://bugzilla.suse.com/1227890", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T08:17:55Z", details: "moderate", }, ], title: "CVE-2022-3113", }, { cve: "CVE-2022-3114", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3114", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 5.16-rc6. imx_register_uart_clocks in drivers/clk/imx/clk.c lacks check of the return value of kcalloc() and will cause the null pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3114", url: "https://www.suse.com/security/cve/CVE-2022-3114", }, { category: "external", summary: "SUSE Bug 1206391 for CVE-2022-3114", url: "https://bugzilla.suse.com/1206391", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T08:17:55Z", details: "moderate", }, ], title: "CVE-2022-3114", }, { cve: "CVE-2022-3115", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3115", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3115", url: "https://www.suse.com/security/cve/CVE-2022-3115", }, { category: "external", summary: "SUSE Bug 1206393 for CVE-2022-3115", url: "https://bugzilla.suse.com/1206393", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T08:17:55Z", details: "moderate", }, ], title: "CVE-2022-3115", }, { cve: "CVE-2022-3344", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3344", }, ], notes: [ { category: "general", text: "A flaw was found in the KVM's AMD nested virtualization (SVM). A malicious L1 guest could purposely fail to intercept the shutdown of a cooperative nested guest (L2), possibly leading to a page fault and kernel panic in the host (L0).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3344", url: "https://www.suse.com/security/cve/CVE-2022-3344", }, { category: "external", summary: "SUSE Bug 1204652 for CVE-2022-3344", url: "https://bugzilla.suse.com/1204652", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T08:17:55Z", details: "moderate", }, ], title: "CVE-2022-3344", }, { cve: "CVE-2022-3564", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3564", }, ], notes: [ { category: "general", text: "A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3564", url: "https://www.suse.com/security/cve/CVE-2022-3564", }, { category: "external", summary: "SUSE Bug 1206073 for CVE-2022-3564", url: "https://bugzilla.suse.com/1206073", }, { category: "external", summary: "SUSE Bug 1206314 for CVE-2022-3564", url: "https://bugzilla.suse.com/1206314", }, { category: "external", summary: "SUSE Bug 1208030 for CVE-2022-3564", url: "https://bugzilla.suse.com/1208030", }, { category: "external", summary: "SUSE Bug 1208044 for CVE-2022-3564", url: "https://bugzilla.suse.com/1208044", }, { category: "external", summary: "SUSE Bug 1208085 for CVE-2022-3564", url: "https://bugzilla.suse.com/1208085", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T08:17:55Z", details: "important", }, ], title: "CVE-2022-3564", }, { cve: "CVE-2022-4379", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-4379", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-4379", url: "https://www.suse.com/security/cve/CVE-2022-4379", }, { category: "external", summary: "SUSE Bug 1206209 for CVE-2022-4379", url: "https://bugzilla.suse.com/1206209", }, { category: "external", summary: "SUSE Bug 1206373 for CVE-2022-4379", url: "https://bugzilla.suse.com/1206373", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T08:17:55Z", details: "important", }, ], title: "CVE-2022-4379", }, { cve: "CVE-2022-4662", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-4662", }, ], notes: [ { category: "general", text: "A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-4662", url: "https://www.suse.com/security/cve/CVE-2022-4662", }, { category: "external", summary: "SUSE Bug 1206664 for CVE-2022-4662", url: "https://bugzilla.suse.com/1206664", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T08:17:55Z", details: "moderate", }, ], title: "CVE-2022-4662", }, { cve: "CVE-2022-47520", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-47520", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-47520", url: "https://www.suse.com/security/cve/CVE-2022-47520", }, { category: "external", summary: "SUSE Bug 1206515 for CVE-2022-47520", url: "https://bugzilla.suse.com/1206515", }, { category: "external", summary: "SUSE Bug 1207823 for CVE-2022-47520", url: "https://bugzilla.suse.com/1207823", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.31.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.31.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.31.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T08:17:55Z", details: "important", }, ], title: "CVE-2022-47520", }, ], }
suse-su-2023:0147-1
Vulnerability from csaf_suse
Published
2023-01-26 08:24
Modified
2023-01-26 08:24
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2022-3344: Fixed a flaw found in the KVM's AMD nested virtualization (SVM). A malicious L1 guest could purposely fail to intercept the shutdown of a cooperative nested guest (L2), possibly leading to a page fault and kernel panic in the host (L0). (bsc#1204652)
- CVE-2022-4662: Fixed a recursive locking violation in usb-storage that can cause the kernel to deadlock. (bsc#1206664)
- CVE-2022-3115: Fixed a null pointer dereference in malidp_crtc.c caused by a lack of checks of the return value of kzalloc. (bsc#1206393)
- CVE-2022-47520: Fixed an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet. (bsc#1206515)
- CVE-2022-3112: Fixed a null pointer dereference caused by a missing check of the return value of kzalloc() in vdec_helpers.c:amvdec_set_canvases. (bsc#1206399)
- CVE-2022-3564: Fixed a bug which could lead to use after free, it was found in the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. (bsc#1206073)
- CVE-2022-4379: Fixed a use-after-free vulnerability in nfs4file.c:__nfs42_ssc_open. (bsc#1206209)
- CVE-2022-3108: Fixed a bug in kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c where a lack of check of the return value of kmemdup() could lead to a NULL pointer dereference. (bsc#1206389)
- CVE-2022-3104: Fixed a null pointer dereference caused by a missing check of the return value of kzalloc() in bugs.c:lkdtm_ARRAY_BOUNDS. (bsc#1206396)
- CVE-2022-3113: Fixed a null pointer dereference caused by a missing check of the return value of devm_kzalloc. (bsc#1206390)
- CVE-2022-3107: Fixed a null pointer dereference caused by a missing check of the return value of kvmalloc_array. (bsc#1206395)
- CVE-2022-3111: Fixed a missing release of resource after effective lifetime bug caused by a missing free of the WM8350_IRQ_CHG_FAST_RDY in wm8350_init_charger. (bsc#1206394)
- CVE-2022-3105: Fixed a null pointer dereference caused by a missing check of the return value of kmalloc_array. (bsc#1206398)
- CVE-2022-3106: Fixed a null pointer dereference caused by a missing check of the return value of kmalloc. (bsc#1206397)
The following non-security bugs were fixed:
- acct: fix potential integer overflow in encode_comp_t() (git-fixes).
- ACPI: resource: Skip IRQ override on Asus Vivobook K3402ZA/K3502ZA (git-fixes).
- ACPICA: Fix error code path in acpi_ds_call_control_method() (git-fixes).
- ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage() (git-fixes).
- ALSA: asihpi: fix missing pci_disable_device() (git-fixes).
- ALSA: control-led: use strscpy in set_led_id() (git-fixes).
- ALSA: hda - Enable headset mic on another Dell laptop with ALC3254 (git-fixes).
- ALSA: hda: cs35l41: Check runtime suspend capability at runtime_idle (git-fixes).
- ALSA: hda: cs35l41: Do not return -EINVAL from system suspend/resume (git-fixes).
- ALSA: hda/hdmi: Add a HP device 0x8715 to force connect list (git-fixes).
- ALSA: hda/hdmi: Add HP Device 0x8711 to force connect list (git-fixes).
- ALSA: hda/realtek - Turn on power early (git-fixes).
- ALSA: hda/realtek: Add quirk for Lenovo TianYi510Pro-14IOB (git-fixes).
- ALSA: hda/realtek: Apply dual codec fixup for Dell Latitude laptops (git-fixes).
- ALSA: hda/realtek: Enable mute/micmute LEDs on HP Spectre x360 13-aw0xxx (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs do not work for a HP platform (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for a HP ProBook (git-fixes).
- ALSA: line6: correct midi status byte when receiving data from podxt (git-fixes).
- ALSA: line6: fix stack overflow in line6_midi_transmit (git-fixes).
- ALSA: mts64: fix possible null-ptr-defer in snd_mts64_interrupt (git-fixes).
- ALSA: patch_realtek: Fix Dell Inspiron Plus 16 (git-fixes).
- ALSA: pcm: fix undefined behavior in bit shift for SNDRV_PCM_RATE_KNOT (git-fixes).
- ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF (git-fixes).
- ALSA: pcm: Set missing stop_operating flag at undoing trigger start (git-fixes).
- ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event (git-fixes).
- ALSA: seq: fix undefined behavior in bit shift for SNDRV_SEQ_FILTER_USE_EVENT (git-fixes).
- ALSA: usb-audio: add the quirk for KT0206 device (git-fixes).
- ALSA: usb-audio: Make sure to stop endpoints before closing EPs (git-fixes).
- ALSA: usb-audio: Relax hw constraints for implicit fb sync (git-fixes).
- amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table() (git-fixes).
- apparmor: fix a memleak in multi_transaction_new() (git-fixes).
- apparmor: Fix abi check to include v8 abi (git-fixes).
- apparmor: fix lockdep warning when removing a namespace (git-fixes).
- apparmor: Fix memleak in alloc_ns() (git-fixes).
- apparmor: Use pointer to struct aa_label for lbs_cred (git-fixes).
- ARM: 9251/1: perf: Fix stacktraces for tracepoint events in THUMB2 kernels (git-fixes).
- ARM: 9256/1: NWFPE: avoid compiler-generated __aeabi_uldivmod (git-fixes).
- ARM: dts: armada-370: Fix assigned-addresses for every PCIe Root Port (git-fixes).
- ARM: dts: armada-375: Fix assigned-addresses for every PCIe Root Port (git-fixes).
- ARM: dts: armada-38x: Fix assigned-addresses for every PCIe Root Port (git-fixes).
- ARM: dts: armada-38x: Fix compatible string for gpios (git-fixes).
- ARM: dts: armada-39x: Fix assigned-addresses for every PCIe Root Port (git-fixes).
- ARM: dts: armada-39x: Fix compatible string for gpios (git-fixes).
- ARM: dts: armada-xp: Fix assigned-addresses for every PCIe Root Port (git-fixes).
- ARM: dts: dove: Fix assigned-addresses for every PCIe Root Port (git-fixes).
- ARM: dts: nuvoton: Remove bogus unit addresses from fixed-partition nodes (git-fixes).
- ARM: dts: qcom: apq8064: fix coresight compatible (git-fixes).
- ARM: dts: rockchip: disable arm_global_timer on rk3066 and rk3188 (git-fixes).
- ARM: dts: rockchip: fix ir-receiver node names (git-fixes).
- ARM: dts: rockchip: fix node name for hym8563 rtc (git-fixes).
- ARM: dts: rockchip: remove clock-frequency from rtc (git-fixes).
- ARM: dts: rockchip: rk3188: fix lcdc1-rgb24 node name (git-fixes).
- ARM: dts: spear600: Fix clcd interrupt (git-fixes).
- ARM: dts: stm32: Drop stm32mp15xc.dtsi from Avenger96 (git-fixes).
- ARM: dts: stm32: Fix AV96 WLAN regulator gpio property (git-fixes).
- ARM: dts: turris-omnia: Add ethernet aliases (git-fixes).
- ARM: dts: turris-omnia: Add switch port 6 node (git-fixes).
- ARM: mmp: fix timer_read delay (git-fixes).
- ARM: ux500: do not directly dereference __iomem (git-fixes).
- arm64: Avoid repeated AA64MMFR1_EL1 register read on pagefault path (performance bsc#1203219).
- arm64: dts: armada-3720-turris-mox: Add missing interrupt for RTC (git-fixes).
- arm64: dts: mediatek: mt6797: Fix 26M oscillator unit name (git-fixes).
- arm64: dts: mediatek: pumpkin-common: Fix devicetree warnings (git-fixes).
- arm64: dts: mt2712-evb: Fix usb vbus regulators unit names (git-fixes).
- arm64: dts: mt2712-evb: Fix vproc fixed regulators unit names (git-fixes).
- arm64: dts: mt2712e: Fix unit address for pinctrl node (git-fixes).
- arm64: dts: mt2712e: Fix unit_address_vs_reg warning for oscillators (git-fixes).
- arm64: dts: mt6779: Fix devicetree build warnings (git-fixes).
- arm64: dts: mt7622: drop r_smpl property from mmc node (git-fixes).
- arm64: dts: mt8183: drop drv-type from mmc-node (git-fixes).
- arm64: dts: mt8183: Fix Mali GPU clock (git-fixes).
- arm64: dts: qcom: ipq6018-cp01-c1: use BLSPI1 pins (git-fixes).
- arm64: dts: qcom: msm8916: Drop MSS fallback compatible (git-fixes).
- arm64: dts: qcom: msm8996: Add MSM8996 Pro support (git-fixes).
- arm64: dts: qcom: msm8996: fix GPU OPP table (git-fixes).
- arm64: dts: qcom: msm8996: fix supported-hw in cpufreq OPP tables (git-fixes).
- arm64: dts: qcom: sdm630: fix UART1 pin bias (git-fixes).
- arm64: dts: qcom: sdm845-cheza: fix AP suspend pin bias (git-fixes).
- arm64: dts: qcom: sdm845-db845c: correct SPI2 pins drive strength (git-fixes).
- arm64: dts: qcom: sdm850-lenovo-yoga-c630: correct I2C12 pins drive strength (git-fixes).
- arm64: dts: qcom: sm8250-sony-xperia-edo: fix touchscreen bias-disable (git-fixes).
- arm64: dts: qcom: sm8250: correct LPASS pin pull down (git-fixes).
- arm64: dts: qcom: sm8250: drop bogus DP PHY clock (git-fixes).
- arm64: dts: qcom: sm8250: fix USB-DP PHY registers (git-fixes).
- arm64: dts: rockchip: fix ir-receiver node names (git-fixes).
- arm64: dts: rockchip: keep I2S1 disabled for GPIO function on ROCK Pi 4 series (git-fixes).
- arm64: dts: ti: k3-am65-main: Drop dma-coherent in crypto node (git-fixes).
- arm64: dts: ti: k3-j721e-main: Drop dma-coherent in crypto node (git-fixes).
- ASoC: audio-graph-card: fix refcount leak of cpu_ep in __graph_for_each_link() (git-fixes).
- ASoC: codecs: rt298: Add quirk for KBL-R RVP platform (git-fixes).
- ASoC: cs42l51: Correct PGA Volume minimum value (git-fixes).
- ASoC: dt-bindings: wcd9335: fix reset line polarity in example (git-fixes).
- ASoC: fsl_micfil: explicitly clear CHnF flags (git-fixes).
- ASoC: fsl_micfil: explicitly clear software reset bit (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add quirk for the Advantech MICA-071 tablet (git-fixes).
- ASoC: jz4740-i2s: Handle independent FIFO flush bits (git-fixes).
- ASoC: mediatek: mt8173-rt5650-rt5514: fix refcount leak in mt8173_rt5650_rt5514_dev_probe() (git-fixes).
- ASoC: mediatek: mt8173: Enable IRQ when pdata is ready (git-fixes).
- ASoC: mediatek: mt8183: fix refcount leak in mt8183_mt6358_ts3a227_max98357_dev_probe() (git-fixes).
- ASoC: mediatek: mtk-btcvsd: Add checks for write and read of mtk_btcvsd_snd (git-fixes).
- ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx() (git-fixes).
- ASoC: ops: Correct bounds check for second channel on SX controls (git-fixes).
- ASoC: pcm512x: Fix PM disable depth imbalance in pcm512x_probe (git-fixes).
- ASoC: pxa: fix null-pointer dereference in filter() (git-fixes).
- ASoC: qcom: Add checks for devm_kcalloc (git-fixes).
- ASoC: qcom: lpass-cpu: Fix fallback SD line index handling (git-fixes).
- ASoC: rockchip: pdm: Add missing clk_disable_unprepare() in rockchip_pdm_runtime_resume() (git-fixes).
- ASoC: rockchip: spdif: Add missing clk_disable_unprepare() in rk_spdif_runtime_resume() (git-fixes).
- ASoC: rt5670: Remove unbalanced pm_runtime_put() (git-fixes).
- ASoC: rt711-sdca: fix the latency time of clock stop prepare state machine transitions (git-fixes).
- ASoC: soc-pcm: Add NULL check in BE reparenting (git-fixes).
- ASoC: wm8904: fix wrong outputs volume after power reactivation (git-fixes).
- ASoC: wm8962: Wait for updated value of WM8962_CLOCKING1 register (git-fixes).
- ASoC: wm8994: Fix potential deadlock (git-fixes).
- ata: ahci: Fix PCS quirk application for suspend (git-fixes).
- binfmt_elf: fix documented return value for load_elf_phdrs() (git-fixes).
- binfmt_misc: fix shift-out-of-bounds in check_special_flags (git-fixes).
- binfmt: Fix error return code in load_elf_fdpic_binary() (git-fixes).
- Bluetooth: btintel: Fix missing free skb in btintel_setup_combined() (git-fixes).
- Bluetooth: btusb: Add debug message for CSR controllers (git-fixes).
- Bluetooth: btusb: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).
- Bluetooth: hci_bcsp: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).
- Bluetooth: hci_core: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).
- Bluetooth: hci_h5: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).
- Bluetooth: hci_ll: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).
- Bluetooth: hci_qca: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).
- Bluetooth: MGMT: Fix error report for ADD_EXT_ADV_PARAMS (git-fixes).
- Bluetooth: RFCOMM: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).
- brcmfmac: return error when getting invalid max_flowrings from dongle (git-fixes).
- caif: fix memory leak in cfctrl_linkup_request() (git-fixes).
- can: kvaser_usb_leaf: Fix bogus restart events (git-fixes).
- can: kvaser_usb_leaf: Fix wrong CAN state after stopping (git-fixes).
- can: kvaser_usb_leaf: Set Warning state even without bus errors (git-fixes).
- can: kvaser_usb: do not increase tx statistics when sending error message frames (git-fixes).
- can: kvaser_usb: kvaser_usb_leaf: fix bittiming limits (git-fixes).
- can: mcba_usb: Fix termination command argument (git-fixes).
- can: sja1000: fix size of OCR_MODE_MASK define (git-fixes).
- can: tcan4x5x: Remove invalid write in clear_interrupts (git-fixes).
- chardev: fix error handling in cdev_device_add() (git-fixes).
- cifs: Add 'extbuf' and 'extbuflen' args to smb2_compound_op() (bsc#1193629).
- cifs: do not block in dfs_cache_noreq_update_tgthint() (bsc#1193629).
- cifs: do not leak -ENOMEM in smb2_open_file() (bsc#1193629).
- cifs: do not refresh cached referrals from unactive mounts (bsc#1193629).
- cifs: fix confusing debug message (bsc#1193629).
- cifs: Fix kmap_local_page() unmapping (git-fixes).
- cifs: fix missing display of three mount options (bsc#1193629).
- cifs: fix oops during encryption (bsc#1199294).
- cifs: fix refresh of cached referrals (bsc#1193629).
- cifs: fix source pathname comparison of dfs supers (bsc#1193629).
- cifs: fix various whitespace errors in headers (bsc#1193629).
- cifs: get rid of mount options string parsing (bsc#1193629).
- cifs: minor cleanup of some headers (bsc#1193629).
- cifs: optimize reconnect of nested links (bsc#1193629).
- cifs: Parse owner/group for stat in smb311 posix extensions (bsc#1193629).
- cifs: print warning when conflicting soft vs. hard mount options specified (bsc#1193629).
- cifs: reduce roundtrips on create/qinfo requests (bsc#1193629).
- cifs: refresh root referrals (bsc#1193629).
- cifs: Remove duplicated include in cifsglob.h (bsc#1193629).
- cifs: remove unused smb3_fs_context::mount_options (bsc#1193629).
- cifs: set correct ipc status after initial tree connect (bsc#1193629).
- cifs: set correct status of tcon ipc when reconnecting (bsc#1193629).
- cifs: set correct tcon status after initial tree connect (bsc#1193629).
- cifs: set resolved ip in sockaddr (bsc#1193629).
- cifs: share dfs connections and supers (bsc#1193629).
- cifs: skip alloc when request has no pages (bsc#1193629).
- cifs: split out ses and tcon retrieval from mount_get_conns() (bsc#1193629).
- cifs: update internal module number (bsc#1193629).
- cifs: use fs_context for automounts (bsc#1193629).
- cifs: use origin fullpath for automounts (bsc#1193629).
- class: fix possible memory leak in __class_register() (git-fixes).
- clk: Fix pointer casting to prevent oops in devm_clk_release() (git-fixes).
- clk: generalize devm_clk_get() a bit (git-fixes).
- clk: imx: imx8mp: add shared clk gate for usb suspend clk (git-fixes).
- clk: imx: replace osc_hdmi with dummy (git-fixes).
- clk: nomadik: correct struct name kernel-doc warning (git-fixes).
- clk: Provide new devm_clk helpers for prepared and enabled clocks (git-fixes).
- clk: qcom: clk-krait: fix wrong div2 functions (git-fixes).
- clk: qcom: gcc-sm8250: Use retention mode for USB GDSCs (git-fixes).
- clk: qcom: lpass-sc7180: Fix pm_runtime usage (git-fixes).
- clk: renesas: r9a06g032: Repair grave increment error (git-fixes).
- clk: rockchip: Fix memory leak in rockchip_clk_register_pll() (git-fixes).
- clk: samsung: Fix memory leak in _samsung_clk_register_pll() (git-fixes).
- clk: socfpga: Fix memory leak in socfpga_gate_init() (git-fixes).
- clk: st: Fix memory leak in st_of_quadfs_setup() (git-fixes).
- clk: sunxi-ng: v3s: Correct the header guard of ccu-sun8i-v3s.h (git-fixes).
- clocksource/drivers/sh_cmt: Access registers according to spec (git-fixes).
- clocksource/drivers/timer-ti-dm: Fix missing clk_disable_unprepare in dmtimer_systimer_init_clock() (git-fixes).
- cpufreq: ACPI: Defer setting boost MSRs (bsc#1205485).
- cpufreq: ACPI: Only set boost MSRs on supported CPUs (bsc#1205485).
- cpufreq: ACPI: Remove unused variables 'acpi_cpufreq_online' and 'ret' (bsc#1205485).
- cpufreq: intel_pstate: Add Sapphire Rapids support in no-HWP mode (bsc#1201068).
- crypto: ccree - Make cc_debugfs_global_fini() available for module init function (git-fixes).
- crypto: ccree - Remove debugfs when platform_driver_register failed (git-fixes).
- crypto: cryptd - Use request context instead of stack for sub-request (git-fixes).
- crypto: hisilicon/qm - fix missing destroy qp_idr (git-fixes).
- crypto: img-hash - Fix variable dereferenced before check 'hdev->req' (git-fixes).
- crypto: n2 - add missing hash statesize (git-fixes).
- crypto: nitrox - avoid double free on error path in nitrox_sriov_init() (git-fixes).
- crypto: omap-sham - Use pm_runtime_resume_and_get() in omap_sham_probe() (git-fixes).
- crypto: rockchip - add fallback for ahash (git-fixes).
- crypto: rockchip - add fallback for cipher (git-fixes).
- crypto: rockchip - better handle cipher key (git-fixes).
- crypto: rockchip - do not do custom power management (git-fixes).
- crypto: rockchip - do not store mode globally (git-fixes).
- crypto: rockchip - remove non-aligned handling (git-fixes).
- crypto: rockchip - rework by using crypto_engine (git-fixes).
- crypto: sun8i-ss - use dma_addr instead u32 (git-fixes).
- crypto: tcrypt - Fix multibuffer skcipher speed test mem leak (git-fixes).
- device property: Fix documentation for fwnode_get_next_parent() (git-fixes).
- dmaengine: idxd: Fix crc_val field for completion record (git-fixes).
- docs/zh_CN: Fix '.. only::' directive's expression (git-fixes).
- drbd: destroy workqueue when drbd device was freed (git-fixes).
- drbd: remove call to memset before free device/resource/connection (git-fixes).
- drbd: remove usage of list iterator variable after loop (git-fixes).
- drbd: set QUEUE_FLAG_STABLE_WRITES (git-fixes).
- drbd: use after free in drbd_create_device() (git-fixes).
- driver core: Fix bus_type.match() error handling in __driver_attach() (git-fixes).
- drivers: dio: fix possible memory leak in dio_init() (git-fixes).
- drivers: soc: ti: knav_qmss_queue: Mark knav_acc_firmwares as static (git-fixes).
- drm: bridge: dw_hdmi: fix preference of RGB modes over YUV420 (git-fixes).
- drm/amd/display: fix array index out of bound error in bios parser (git-fixes).
- drm/amd/display: Manually adjust strobe for DCN303 (git-fixes).
- drm/amd/display: prevent memory leak (git-fixes).
- drm/amd/display: Use the largest vready_offset in pipe group (git-fixes).
- drm/amd/pm/smu11: BACO is supported when it's in BACO state (git-fixes).
- drm/amdgpu: fix pci device refcount leak (git-fixes).
- drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios() (git-fixes).
- drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback (git-fixes).
- drm/amdgpu: Fix type of second parameter in trans_msg() callback (git-fixes).
- drm/amdgpu: handle polaris10/11 overlap asics (v2) (git-fixes).
- drm/amdgpu: make display pinning more flexible (v2) (git-fixes).
- drm/amdgpu/powerplay/psm: Fix memory leak in power state init (git-fixes).
- drm/amdgpu/sdma_v4_0: turn off SDMA ring buffer in the s2idle suspend (git-fixes).
- drm/amdkfd: Fix memory leakage (git-fixes).
- drm/bridge: adv7533: remove dynamic lane switching from adv7533 bridge (git-fixes).
- drm/bridge: anx7625: Fix edid_read break case in sp_tx_edid_read() (git-fixes).
- drm/bridge: ti-sn65dsi86: Fix output polarity setting bug (git-fixes).
- drm/connector: send hotplug uevent on connector cleanup (git-fixes).
- drm/edid: Fix minimum bpc supported with DSC1.2 for HDMI sink (git-fixes).
- drm/etnaviv: add missing quirks for GC300 (git-fixes).
- drm/etnaviv: do not truncate physical page address (git-fixes).
- drm/fourcc: Add packed 10bit YUV 4:2:0 format (git-fixes).
- drm/fourcc: Fix vsub/hsub for Q410 and Q401 (git-fixes).
- drm/fsl-dcu: Fix return type of fsl_dcu_drm_connector_mode_valid() (git-fixes).
- drm/i915: Fix documentation for intel_uncore_forcewake_put__locked (git-fixes).
- drm/i915: remove circ_buf.h includes (git-fixes).
- drm/i915: unpin on error in intel_vgpu_shadow_mm_pin() (git-fixes).
- drm/i915/display: Do not disable DDI/Transcoder when setting phy test pattern (git-fixes).
- drm/i915/dsi: fix VBT send packet port selection for dual link DSI (git-fixes).
- drm/i915/gvt: fix gvt debugfs destroy (git-fixes).
- drm/i915/gvt: fix vgpu debugfs clean in remove (git-fixes).
- drm/i915/migrate: do not check the scratch page (git-fixes).
- drm/i915/migrate: fix length calculation (git-fixes).
- drm/i915/migrate: fix offset calculation (git-fixes).
- drm/i915/ttm: never purge busy objects (git-fixes).
- drm/imx: ipuv3-plane: Fix overlay plane width (git-fixes).
- drm/ingenic: Fix missing platform_driver_unregister() call in ingenic_drm_init() (git-fixes).
- drm/mediatek: Fix return type of mtk_hdmi_bridge_mode_valid() (git-fixes).
- drm/mediatek: Modify dpi power on/off sequence (git-fixes).
- drm/meson: Reduce the FIFO lines held when AFBC is not used (git-fixes).
- drm/msm: another fix for the headless Adreno GPU (git-fixes).
- drm/msm: Use drm_mode_copy() (git-fixes).
- drm/msm/adreno: Make adreno quirks not overwrite each other (git-fixes).
- drm/msm/dp: do not complete dp_aux_cmd_fifo_tx() if irq is not for aux transfer (git-fixes).
- drm/panel/panel-sitronix-st7701: Remove panel on DSI attach failure (git-fixes).
- drm/panfrost: Fix GEM handle creation ref-counting (git-fixes).
- drm/radeon: Add the missed acpi_put_table() to fix memory leak (git-fixes).
- drm/radeon: Fix PCI device refcount leak in radeon_atrm_get_bios() (git-fixes).
- drm/rockchip: lvds: fix PM usage counter unbalance in poweron (git-fixes).
- drm/rockchip: Use drm_mode_copy() (git-fixes).
- drm/shmem-helper: Avoid vm_open error paths (git-fixes).
- drm/shmem-helper: Remove errant put in error path (git-fixes).
- drm/sti: Fix return type of sti_{dvo,hda,hdmi}_connector_mode_valid() (git-fixes).
- drm/sti: Use drm_mode_copy() (git-fixes).
- drm/tegra: Add missing clk_disable_unprepare() in tegra_dc_probe() (git-fixes).
- drm/virtio: Fix GEM handle creation UAF (git-fixes).
- drm/vmwgfx: Do not use screen objects when SEV is active (git-fixes).
- drm/vmwgfx: Fix a sparse warning in kernel docs (git-fixes).
- drm/vmwgfx: Validate the box size for the snooped cursor (git-fixes).
- Drop FIPS mode DRBG->getrandom(2) wire-up (bsc#1191259)
- dt-bindings: clock: qcom,aoncc-sm8250: fix compatible (git-fixes).
- dt-bindings: display: sun6i-dsi: Fix clock conditional (git-fixes).
- dt-bindings: gpio: gpio-davinci: Increase maxItems in gpio-line-names (git-fixes).
- dt-bindings: msm: dsi-controller-main: Fix description of core clock (git-fixes).
- dt-bindings: msm: dsi-controller-main: Fix operating-points-v2 constraint (git-fixes).
- dt-bindings: msm: dsi-phy-28nm: Add missing qcom, dsi-phy-regulator-ldo-mode (git-fixes).
- dt-bindings: msm/dsi: Do not require vcca-supply on 14nm PHY (git-fixes).
- dt-bindings: msm/dsi: Do not require vdds-supply on 10nm PHY (git-fixes).
- dt-bindings: net: sun8i-emac: Add phy-supply property (git-fixes).
- EDAC/mc_sysfs: Increase legacy channel support to 12 (bsc#1205263).
- efi: Add iMac Pro 2017 to uefi skip cert quirk (git-fixes).
- efi: fix userspace infinite retry read efivars after EFI runtime services page fault (git-fixes).
- extcon: usbc-tusb320: Add support for mode setting and reset (git-fixes).
- extcon: usbc-tusb320: Add support for TUSB320L (git-fixes).
- extcon: usbc-tusb320: Factor out extcon into dedicated functions (git-fixes).
- fbcon: Use kzalloc() in fbcon_prepare_logo() (git-fixes).
- fbdev: fbcon: release buffer when fbcon_do_set_font() failed (git-fixes).
- fbdev: geode: do not build on UML (git-fixes).
- fbdev: matroxfb: G200eW: Increase max memory from 1 MB to 16 MB (git-fixes).
- fbdev: pm2fb: fix missing pci_disable_device() (git-fixes).
- fbdev: ssd1307fb: Drop optional dependency (git-fixes).
- fbdev: uvesafb: do not build on UML (git-fixes).
- fbdev: uvesafb: Fixes an error handling path in uvesafb_probe() (git-fixes).
- fbdev: vermilion: decrease reference count in error path (git-fixes).
- fbdev: via: Fix error in via_core_init() (git-fixes).
- firmware: raspberrypi: fix possible memory leak in rpi_firmware_probe() (git-fixes).
- floppy: Fix memory leak in do_floppy_init() (git-fixes).
- gpio: sifive: Fix refcount leak in sifive_gpio_probe (git-fixes).
- gpiolib: cdev: fix NULL-pointer dereferences (git-fixes).
- gpiolib: check the 'ngpios' property in core gpiolib code (git-fixes).
- gpiolib: fix memory leak in gpiochip_setup_dev() (git-fixes).
- gpiolib: Get rid of redundant 'else' (git-fixes).
- gpiolib: improve coding style for local variables (git-fixes).
- gpiolib: make struct comments into real kernel docs (git-fixes).
- hamradio: baycom_epp: Fix return type of baycom_send_packet() (git-fixes).
- hamradio: do not call dev_kfree_skb() under spin_lock_irqsave() (git-fixes).
- HID: hid-sensor-custom: set fixed size for custom attributes (git-fixes).
- HID: ite: Enable QUIRK_TOUCHPAD_ON_OFF_REPORT on Acer Aspire Switch V 10 (git-fixes).
- HID: mcp2221: do not connect hidraw (git-fixes).
- HID: multitouch: fix Asus ExpertBook P2 P2451FA trackpoint (git-fixes).
- HID: plantronics: Additional PIDs for double volume key presses quirk (git-fixes).
- HID: uclogic: Add HID_QUIRK_HIDINPUT_FORCE quirk (git-fixes).
- HID: wacom: Ensure bootloader PID is usable in hidraw mode (git-fixes).
- HSI: omap_ssi_core: Fix error handling in ssi_init() (git-fixes).
- HSI: omap_ssi_core: fix possible memory leak in ssi_probe() (git-fixes).
- HSI: omap_ssi_core: fix unbalanced pm_runtime_disable() (git-fixes).
- hwmon: (jc42) Convert register access and caching to regmap/regcache (git-fixes).
- hwmon: (jc42) Fix missing unlock on error in jc42_write() (git-fixes).
- hwmon: (jc42) Restore the min/max/critical temperatures on resume (git-fixes).
- hwrng: amd - Fix PCI device refcount leak (git-fixes).
- i2c: ismt: Fix an out-of-bounds bug in ismt_access() (git-fixes).
- i2c: mux: reg: check return value after calling platform_get_resource() (git-fixes).
- i2c: pxa-pci: fix missing pci_disable_device() on error in ce4100_i2c_probe (git-fixes).
- IB/IPoIB: Fix queue count inconsistency for PKEY child interfaces (git-fixes)
- ibmveth: Always stop tx queues during close (bsc#1065729).
- iio: adc: ad_sigma_delta: do not use internal iio_dev lock (git-fixes).
- iio: adc128s052: add proper .data members in adc128_of_match table (git-fixes).
- iio: fix memory leak in iio_device_register_eventset() (git-fixes).
- iio: temperature: ltc2983: make bulk write buffer DMA-safe (git-fixes).
- ima: Fix a potential NULL pointer access in ima_restore_measurement_list (git-fixes).
- Input: elants_i2c - properly handle the reset GPIO when power is off (git-fixes).
- Input: joystick - fix Kconfig warning for JOYSTICK_ADC (git-fixes).
- Input: wistron_btns - disable on UML (git-fixes).
- integrity: Fix memory leakage in keyring allocation error path (git-fixes).
- ipmi: fix long wait in unload when IPMI disconnect (git-fixes).
- ipmi: fix memleak when unload ipmi driver (git-fixes).
- ipmi: fix use after free in _ipmi_destroy_user() (git-fixes).
- ipmi: kcs: Poll OBF briefly to reduce OBE latency (git-fixes).
- ipu3-imgu: Fix NULL pointer dereference in imgu_subdev_set_selection() (git-fixes).
- lib/debugobjects: fix stat count and optimize debug_objects_mem_init (git-fixes).
- lib/fonts: fix undefined behavior in bit shift for get_default_font (git-fixes).
- mailbox: arm_mhuv2: Fix return value check in mhuv2_probe() (git-fixes).
- mailbox: mpfs: read the system controller's status (git-fixes).
- mailbox: zynq-ipi: fix error handling while device_register() fails (git-fixes).
- media: adv748x: afe: Select input port when initializing AFE (git-fixes).
- media: camss: Clean up received buffers on failed start of streaming (git-fixes).
- media: dvb-core: Fix double free in dvb_register_device() (git-fixes).
- media: dvb-core: Fix ignored return value in dvb_register_frontend() (git-fixes).
- media: dvb-frontends: fix leak of memory fw (git-fixes).
- media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() (git-fixes).
- media: dvb-usb: fix memory leak in dvb_usb_adapter_init() (git-fixes).
- media: i2c: ad5820: Fix error path (git-fixes).
- media: imon: fix a race condition in send_packet() (git-fixes).
- media: saa7164: fix missing pci_disable_device() (git-fixes).
- media: si470x: Fix use-after-free in si470x_int_in_callback() (git-fixes).
- media: solo6x10: fix possible memory leak in solo_sysfs_init() (git-fixes).
- media: stv0288: use explicitly signed char (git-fixes).
- media: v4l2-ctrls: Fix off-by-one error in integer menu control check (git-fixes).
- media: v4l2-dv-timings.c: fix too strict blanking sanity checks (git-fixes).
- media: videobuf-dma-contig: use dma_mmap_coherent (git-fixes).
- media: vidtv: Fix use-after-free in vidtv_bridge_dvb_init() (git-fixes).
- media: vimc: Fix wrong function called when vimc_init() fails (git-fixes).
- media: vivid: fix compose size exceed boundary (git-fixes).
- memcg, kmem: further deprecate kmem.limit_in_bytes (bsc#1206896).
- memcg: Fix possible use-after-free in memcg_write_event_control() (bsc#1206344).
- mfd: bd957x: Fix Kconfig dependency on REGMAP_IRQ (git-fixes).
- mfd: mt6360: Add bounds checking in Regmap read/write call-backs (git-fixes).
- mfd: pm8008: Fix return value check in pm8008_probe() (git-fixes).
- mfd: pm8008: Remove driver data structure pm8008_data (git-fixes).
- mfd: qcom_rpm: Fix an error handling path in qcom_rpm_probe() (git-fixes).
- mfd: qcom_rpm: Use devm_of_platform_populate() to simplify code (git-fixes).
- misc: ocxl: fix possible name leak in ocxl_file_register_afu() (git-fixes).
- misc: tifm: fix possible memory leak in tifm_7xx1_switch_media() (git-fixes).
- mISDN: hfcmulti: do not call dev_kfree_skb/kfree_skb() under spin_lock_irqsave() (git-fixes).
- mISDN: hfcpci: do not call dev_kfree_skb/kfree_skb() under spin_lock_irqsave() (git-fixes).
- mISDN: hfcsusb: do not call dev_kfree_skb/kfree_skb() under spin_lock_irqsave() (git-fixes).
- mm: fix race between MADV_FREE reclaim and blkdev direct IO read (bsc#1204989,bsc#1205601).
- mm/mempolicy: fix memory leak in set_mempolicy_home_node system call (bsc#1206468).
- mmc: alcor: fix return value check of mmc_add_host() (git-fixes).
- mmc: atmel-mci: fix return value check of mmc_add_host() (git-fixes).
- mmc: core: Normalize the error handling branch in sd_read_ext_regs() (git-fixes).
- mmc: f-sdh30: Add quirks for broken timeout clock capability (git-fixes).
- mmc: meson-gx: fix return value check of mmc_add_host() (git-fixes).
- mmc: mmci: fix return value check of mmc_add_host() (git-fixes).
- mmc: moxart: fix return value check of mmc_add_host() (git-fixes).
- mmc: mtk-sd: Fix missing clk_disable_unprepare in msdc_of_clock_parse() (git-fixes).
- mmc: mxcmmc: fix return value check of mmc_add_host() (git-fixes).
- mmc: omap_hsmmc: fix return value check of mmc_add_host() (git-fixes).
- mmc: pxamci: fix return value check of mmc_add_host() (git-fixes).
- mmc: renesas_sdhi: alway populate SCC pointer (git-fixes).
- mmc: renesas_sdhi: better reset from HS400 mode (git-fixes).
- mmc: rtsx_pci: fix return value check of mmc_add_host() (git-fixes).
- mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host() (git-fixes).
- mmc: sdhci-sprd: Disable CLK_AUTO when the clock is less than 400K (git-fixes).
- mmc: toshsd: fix return value check of mmc_add_host() (git-fixes).
- mmc: via-sdmmc: fix return value check of mmc_add_host() (git-fixes).
- mmc: vub300: fix return value check of mmc_add_host() (git-fixes).
- mmc: vub300: fix warning - do not call blocking ops when !TASK_RUNNING (git-fixes).
- mmc: wbsd: fix return value check of mmc_add_host() (git-fixes).
- mmc: wmt-sdmmc: fix return value check of mmc_add_host() (git-fixes).
- mt76: stop the radar detector after leaving dfs channel (git-fixes).
- mtd: Fix device name leak when register device failed in add_mtd_device() (git-fixes).
- mtd: lpddr2_nvm: Fix possible null-ptr-deref (git-fixes).
- mtd: maps: pxa2xx-flash: fix memory leak in probe (git-fixes).
- mtd: spi-nor: Check for zero erase size in spi_nor_find_best_erase_type() (git-fixes).
- mtd: spi-nor: Fix the number of bytes for the dummy cycles (git-fixes).
- mtd: spi-nor: hide jedec_id sysfs attribute if not present (git-fixes).
- net: allow retransmitting a TCP packet if original is still in queue (bsc#1188605 bsc#1187428 bsc#1206619).
- net: phy: xgmiitorgmii: Fix refcount leak in xgmiitorgmii_probe (git-fixes).
- net: usb: qmi_wwan: add u-blox 0x1342 composition (git-fixes).
- net: usb: smsc95xx: fix external PHY reset (git-fixes).
- net/mlx5: Fix mlx5_get_next_dev() peer device matching (bsc#1206536).
- net/mlx5: Lag, filter non compatible devices (bsc#1206536).
- netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find() (bsc#1204614).
- nfc: Fix potential resource leaks (git-fixes).
- nfc: pn533: Clear nfc_target before being used (git-fixes).
- nfc: pn533: Wait for out_urb's completion in pn533_usb_send_frame() (git-fixes).
- NFS: Handle missing attributes in OPEN reply (bsc#1203740).
- nilfs2: fix shift-out-of-bounds due to too large exponent of block size (git-fixes).
- nilfs2: fix shift-out-of-bounds/overflow in nilfs_sb2_bad_offset() (git-fixes).
- octeontx2-af: Add PTP PPS Errata workaround on CN10K silicon (jsc#SLE-24682).
- octeontx2-af: Allow mkex profile without DMAC and add L2M/L2B header extraction support (jsc#SLE-24682).
- octeontx2-af: Do not reset previous pfc config (jsc#SLE-24682).
- octeontx2-af: fix operand size in bitwise operation (jsc#SLE-24682).
- octeontx2-af: Initialize PTP_SEC_ROLLOVER register properly (jsc#SLE-24682).
- octeontx2-af: Limit link bringup time at firmware (jsc#SLE-24682).
- octeontx2-af: return correct ptp timestamp for CN10K silicon (jsc#SLE-24682).
- octeontx2-af: Set NIX link credits based on max LMAC (jsc#SLE-24682).
- octeontx2-af: Skip CGX/RPM probe incase of zero lmac count (jsc#SLE-24682).
- octeontx2-pf: Add egress PFC support (jsc#SLE-24682).
- octeontx2-pf: Add support for ptp 1-step mode on CN10K silicon (jsc#SLE-24682).
- octeontx2-pf: Fix lmtst ID used in aura free (jsc#SLE-24682).
- octeontx2-pf: Fix pfc_alloc_status array overflow (jsc#SLE-24682).
- octeontx2-pf: Fix SQE threshold checking (jsc#SLE-24682).
- octeontx2-pf: Fix unused variable build error (jsc#SLE-24682).
- octeontx2-pf: NIX TX overwrites SQ_CTX_HW_S[SQ_INT] (jsc#SLE-24682).
- octeontx2-pf: Reduce minimum mtu size to 60 (jsc#SLE-24682).
- octeontx2: Modify mbox request and response structures (jsc#SLE-24682).
- PCI: Check for alloc failure in pci_request_irq() (git-fixes).
- PCI: dwc: Fix n_fts[] array overrun (git-fixes).
- PCI: Fix pci_device_is_present() for VFs by checking PF (git-fixes).
- PCI: pci-epf-test: Register notifier if only core_init_notifier is enabled (git-fixes).
- PCI: vmd: Disable MSI remapping after suspend (git-fixes).
- PCI/sysfs: Fix double free in error path (git-fixes).
- phy: usb: s2 WoL wakeup_count not incremented for USB->Eth devices (git-fixes).
- pinctrl: k210: call of_node_put() (git-fixes).
- pinctrl: meditatek: Startup with the IRQs disabled (git-fixes).
- pinctrl: pinconf-generic: add missing of_node_put() (git-fixes).
- platform/chrome: cros_ec_typec: Cleanup switch handle return paths (git-fixes).
- platform/chrome: cros_usbpd_notify: Fix error handling in cros_usbpd_notify_init() (git-fixes).
- platform/mellanox: mlxbf-pmc: Fix event typo (git-fixes).
- platform/surface: aggregator: Add missing call to ssam_request_sync_free() (git-fixes).
- platform/surface: aggregator: Ignore command messages not intended for us (git-fixes).
- platform/x86: dell-privacy: Fix SW_CAMERA_LENS_COVER reporting (git-fixes).
- platform/x86: dell-privacy: Only register SW_CAMERA_LENS_COVER if present (git-fixes).
- platform/x86: huawei-wmi: fix return value calculation (git-fixes).
- platform/x86: intel_scu_ipc: fix possible name leak in __intel_scu_ipc_register() (git-fixes).
- platform/x86: mxm-wmi: fix memleak in mxm_wmi_call_mx[ds|mx]() (git-fixes).
- platform/x86: sony-laptop: Do not turn off 0x153 keyboard backlight during probe (git-fixes).
- PM: hibernate: Fix mistake in kerneldoc comment (git-fixes).
- PM: runtime: Do not call __rpm_callback() from rpm_idle() (git-fixes).
- PNP: fix name memory leak in pnp_alloc_dev() (git-fixes).
- power: supply: ab8500: Fix error handling in ab8500_charger_init() (git-fixes).
- power: supply: fix null pointer dereferencing in power_supply_get_battery_info (git-fixes).
- power: supply: fix residue sysfs file in error handle route of __power_supply_register() (git-fixes).
- power: supply: z2_battery: Fix possible memleak in z2_batt_probe() (git-fixes).
- powerpc: export the CPU node count (bsc#1207016 ltc#201108).
- powerpc: Take in account addition CPU node when building kexec FDT (bsc#1207016 ltc#201108).
- powerpc/64: Init jump labels before parse_early_param() (bsc#1065729).
- powerpc/pci: Fix get_phb_number() locking (bsc#1065729).
- powerpc/perf: callchain validate kernel stack pointer bounds (bsc#1065729).
- powerpc/powernv: add missing of_node_put (bsc#1065729).
- powerpc/pseries: unregister VPA when hot unplugging a CPU (bsc#1205695 ltc#200603).
- powerpc/pseries/eeh: use correct API for error log size (bsc#1065729).
- powerpc/rtas: avoid device tree lookups in rtas_os_term() (bsc#1065729).
- powerpc/rtas: avoid scheduling in rtas_os_term() (bsc#1065729).
- powerpc/xive: add missing iounmap() in error path in xive_spapr_populate_irq_data() (git-fixes).
- powerpc/xive/spapr: correct bitmap allocation size (git-fixes).
- proc: fixup uptime selftest (git-fixes).
- pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP (git-fixes).
- pstore: Make sure CONFIG_PSTORE_PMSG selects CONFIG_RT_MUTEXES (git-fixes).
- pstore: Properly assign mem_type property (git-fixes).
- pstore: Switch pmsg_lock to an rt_mutex to avoid priority inversion (git-fixes).
- pstore/ram: Fix error return code in ramoops_probe() (git-fixes).
- pstore/zone: Use GFP_ATOMIC to allocate zone buffer (git-fixes).
- pwm: lpc18xx-sct: Fix a comment to match code (git-fixes).
- pwm: mediatek: always use bus clock for PWM on MT7622 (git-fixes).
- pwm: sifive: Call pwm_sifive_update_clock() while mutex is held (git-fixes).
- pwm: tegra: Improve required rate calculation (git-fixes).
- r6040: Fix kmemleak in probe and remove (git-fixes).
- random: allow partial reads if later user copies fail (bsc#1204911).
- random: check for signals every PAGE_SIZE chunk of /dev/random (bsc#1204911).
- random: convert to using fops->read_iter() (bsc#1204911).
- random: convert to using fops->write_iter() (bsc#1204911).
- random: remove outdated INT_MAX >> 6 check in urandom_read() (bsc#1204911).
- random: zero buffer after reading entropy from userspace (bsc#1204911).
- RDMA: Disable IB HW for UML (git-fixes)
- RDMA/core: Fix order of nldev_exit call (git-fixes)
- RDMA/core: Make sure 'ib_port' is valid when access sysfs node (git-fixes)
- RDMA/efa: Add EFA 0xefa2 PCI ID (git-fixes)
- RDMA/hfi: Decrease PCI device reference count in error path (git-fixes)
- RDMA/hfi1: Fix error return code in parse_platform_config() (git-fixes)
- RDMA/hns: Fix AH attr queried by query_qp (git-fixes)
- RDMA/hns: Fix error code of CMD (git-fixes)
- RDMA/hns: Fix ext_sge num error when post send (git-fixes)
- RDMA/hns: fix memory leak in hns_roce_alloc_mr() (git-fixes)
- RDMA/hns: Fix page size cap from firmware (git-fixes)
- RDMA/hns: Fix PBL page MTR find (git-fixes)
- RDMA/hns: Fix XRC caps on HIP08 (git-fixes)
- RDMA/hns: Repacing 'dseg_len' by macros in fill_ext_sge_inl_data() (git-fixes)
- RDMA/irdma: Do not request 2-level PBLEs for CQ alloc (git-fixes)
- RDMA/irdma: Initialize net_type before checking it (git-fixes)
- RDMA/irdma: Report the correct link speed (git-fixes)
- RDMA/nldev: Add checks for nla_nest_start() in fill_stat_counter_qps() (git-fixes)
- RDMA/nldev: Fix failure to send large messages (git-fixes)
- RDMA/nldev: Return '-EAGAIN' if the cm_id isn't from expected port (git-fixes)
- RDMA/restrack: Release MR restrack when delete (git-fixes)
- RDMA/rxe: Fix NULL-ptr-deref in rxe_qp_do_cleanup() when socket create failed (git-fixes)
- RDMA/siw: Fix immediate work request flush to completion queue (git-fixes)
- RDMA/siw: Fix pointer cast warning (git-fixes)
- RDMA/siw: Set defined status for work completion with undefined status (git-fixes)
- RDMA/srp: Fix error return code in srp_parse_options() (git-fixes)
- regulator: bd718x7: Drop unnecessary info print (git-fixes).
- regulator: core: fix deadlock on regulator enable (git-fixes).
- regulator: core: fix module refcount leak in set_supply() (git-fixes).
- regulator: core: fix resource leak in regulator_register() (git-fixes).
- regulator: core: fix unbalanced of node refcount in regulator_dev_lookup() (git-fixes).
- regulator: core: fix use_count leakage when handling boot-on (git-fixes).
- regulator: core: use kfree_const() to free space conditionally (git-fixes).
- regulator: qcom-labibb: Fix missing of_node_put() in qcom_labibb_regulator_probe() (git-fixes).
- regulator: qcom-rpmh: Fix PMR735a S3 regulator spec (git-fixes).
- regulator: slg51000: Wait after asserting CS pin (git-fixes).
- regulator: twl6030: fix get status of twl6032 regulators (git-fixes).
- remoteproc: core: Do pm_relax when in RPROC_OFFLINE state (git-fixes).
- remoteproc: qcom_q6v5_pas: detach power domains on remove (git-fixes).
- remoteproc: qcom_q6v5_pas: disable wakeup on probe fail or remove (git-fixes).
- remoteproc: qcom_q6v5_pas: Fix missing of_node_put() in adsp_alloc_memory_region() (git-fixes).
- remoteproc: qcom: q6v5: Fix missing clk_disable_unprepare() in q6v5_wcss_qcs404_power_on() (git-fixes).
- remoteproc: qcom: q6v5: Fix potential null-ptr-deref in q6v5_wcss_init_mmio() (git-fixes).
- remoteproc: sysmon: fix memory leak in qcom_add_sysmon_subdev() (git-fixes).
- rtc: cmos: fix build on non-ACPI platforms (git-fixes).
- rtc: cmos: Fix event handler registration ordering issue (git-fixes).
- rtc: cmos: Fix wake alarm breakage (git-fixes).
- rtc: ds1347: fix value written to century register (git-fixes).
- rtc: mxc_v2: Add missing clk_disable_unprepare() (git-fixes).
- rtc: pcf85063: fix pcf85063_clkout_control (gut-fixes).
- rtc: pcf85063: Fix reading alarm (git-fixes).
- rtc: pic32: Move devm_rtc_allocate_device earlier in pic32_rtc_probe() (git-fixes).
- rtc: rtc-cmos: Do not check ACPI_FADT_LOW_POWER_S0 (git-fixes).
- rtc: snvs: Allow a time difference on clock register read (git-fixes).
- rtc: st-lpc: Add missing clk_disable_unprepare in st_rtc_probe() (git-fixes).
- sbitmap: fix lockup while swapping (bsc#1206602).
- sched/core: Fix comparison in sched_group_cookie_match() (git-fixes)
- sched/core: Fix the bug that task won't enqueue into core (git-fixes)
- sched/topology: Remove redundant variable and fix incorrect (git-fixes)
- sched/uclamp: Fix relationship between uclamp and migration (git-fixes)
- sched/uclamp: Make task_fits_capacity() use util_fits_cpu() (git-fixes)
- scsi: 3w-9xxx: Avoid disabling device if failing to enable it (git-fixes).
- scsi: advansys: Fix kernel pointer leak (git-fixes).
- scsi: aha152x: Fix aha152x_setup() __setup handler return value (git-fixes).
- scsi: bfa: Replace snprintf() with sysfs_emit() (git-fixes).
- scsi: core: Fix sbitmap depth in scsi_realloc_sdev_budget_map() (git-fixes).
- scsi: core: Fix scsi_mode_sense() buffer length handling (git-fixes).
- scsi: core: Reallocate device's budget map on queue depth change (git-fixes).
- scsi: core: Restrict legal sdev_state transitions via sysfs (git-fixes).
- scsi: hisi_sas: Free irq vectors in order for v3 HW (git-fixes).
- scsi: hisi_sas: Limit max hw sectors for v3 HW (git-fixes).
- scsi: hisi_sas: Use managed PCI functions (git-fixes).
- scsi: ipr: Fix missing/incorrect resource cleanup in error case (git-fixes).
- scsi: iscsi: Add recv workqueue helpers (git-fixes).
- scsi: iscsi: Fix harmless double shift bug (git-fixes).
- scsi: iscsi: Fix possible memory leak when device_register() failed (git-fixes).
- scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername() (git-fixes).
- scsi: iscsi: kabi: add iscsi_conn_queue_work back (git-fixes).
- scsi: iscsi: kabi: fix libiscsi new field (git-fixes).
- scsi: iscsi: Merge suspend fields (git-fixes).
- scsi: iscsi: Rename iscsi_conn_queue_work() (git-fixes).
- scsi: iscsi: Run recv path from workqueue (git-fixes).
- scsi: iscsi: Unblock session then wake up error handler (git-fixes).
- scsi: libfc: Fix use after free in fc_exch_abts_resp() (git-fixes).
- scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown() (git-fixes).
- scsi: lpfc: Correct bandwidth logging during receipt of congestion sync WCQE (jsc#PED-1445).
- scsi: lpfc: Fix crash involving race between FLOGI timeout and devloss handler (jsc#PED-1445).
- scsi: lpfc: Fix MI capability display in cmf_info sysfs attribute (jsc#PED-1445).
- scsi: lpfc: Fix WQ|CQ|EQ resource check (jsc#PED-1445).
- scsi: lpfc: Remove linux/msi.h include (jsc#PED-1445).
- scsi: lpfc: Remove redundant pointer 'lp' (jsc#PED-1445).
- scsi: lpfc: Update lpfc version to 14.2.0.9 (jsc#PED-1445).
- scsi: lpfc: Use memset_startat() helper (jsc#PED-1445).
- scsi: megaraid_sas: Fix double kfree() (git-fixes).
- scsi: megaraid_sas: Target with invalid LUN ID is deleted during scan (git-fixes).
- scsi: megaraid: Fix error check return value of register_chrdev() (git-fixes).
- scsi: mpi3mr: Fix memory leaks (git-fixes).
- scsi: mpi3mr: Fix reporting of actual data transfer size (git-fixes).
- scsi: mpi3mr: Fixes around reply request queues (git-fixes).
- scsi: mpt3sas: Do not change DMA mask while reallocating pools (bsc#1206912,bsc#1206098).
- scsi: mpt3sas: Fail reset operation if config request timed out (git-fixes).
- scsi: mpt3sas: Fix out-of-bounds compiler warning (git-fixes).
- scsi: mpt3sas: re-do lost mpt3sas DMA mask fix (bsc#1206912,bsc#1206098).
- scsi: mpt3sas: Remove usage of dma_get_required_mask() API (bsc#1206912,bsc#1206098).
- scsi: mvsas: Add PCI ID of RocketRaid 2640 (git-fixes).
- scsi: mvsas: Replace snprintf() with sysfs_emit() (git-fixes).
- scsi: myrb: Fix up null pointer access on myrb_cleanup() (git-fixes).
- scsi: myrs: Fix crash in error case (git-fixes).
- scsi: ncr53c8xx: Remove unused retrieve_from_waiting_list() function (git-fixes).
- scsi: pm8001: Fix bogus FW crash for maxcpus=1 (git-fixes).
- scsi: pm8001: Fix memory leak in pm8001_chip_fw_flash_update_req() (git-fixes).
- scsi: pm8001: Fix pm8001_mpi_task_abort_resp() (git-fixes).
- scsi: pm8001: Fix pm80xx_pci_mem_copy() interface (git-fixes).
- scsi: pm8001: Fix tag leaks on error (git-fixes).
- scsi: pm8001: Fix task leak in pm8001_send_abort_all() (git-fixes).
- scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task (git-fixes).
- scsi: pm8001: Fix use-after-free for aborted TMF sas_task (git-fixes).
- scsi: pm80xx: Fix double completion for SATA devices (git-fixes).
- scsi: pm80xx: Fix memory leak during rmmod (git-fixes).
- scsi: pmcraid: Fix missing resource cleanup in error case (git-fixes).
- scsi: qedf: Add stag_work to all the vports (git-fixes).
- scsi: qedf: Change context reset messages to ratelimited (git-fixes).
- scsi: qedf: Fix a UAF bug in __qedf_probe() (git-fixes).
- scsi: qedf: Fix refcount issue when LOGO is received during TMF (git-fixes).
- scsi: qla2xxx: Fix crash when I/O abort times out (jsc#PED-568).
- scsi: qla2xxx: Fix set-but-not-used variable warnings (jsc#PED-568).
- scsi: qla2xxx: Initialize vha->unknown_atio_[list, work] for NPIV hosts (jsc#PED-568).
- scsi: qla2xxx: Remove duplicate of vha->iocb_work initialization (jsc#PED-568).
- scsi: qla2xxx: Remove unused variable 'found_devs' (jsc#PED-568).
- scsi: scsi_debug: Fix out-of-bound read in resp_readcap16() (git-fixes).
- scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() (git-fixes).
- scsi: scsi_debug: Fix possible UAF in sdebug_add_host_helper() (git-fixes).
- scsi: scsi_debug: Make the READ CAPACITY response compliant with ZBC (git-fixes).
- scsi: scsi_dh_alua: Properly handle the ALUA transitioning state (git-fixes).
- scsi: smartpqi: Fix kdump issue when controller is locked up (git-fixes).
- scsi: sr: Do not use GFP_DMA (git-fixes).
- scsi: ufs: core: Fix ufshcd_probe_hba() prototype to match the definition (git-fixes).
- scsi: ufs: Fix a kernel crash during shutdown (git-fixes).
- scsi: ufs: Treat link loss as fatal error (git-fixes).
- scsi: ufs: ufshcd-pltfrm: Check the return value of devm_kstrdup() (git-fixes).
- scsi: ufs: Use generic error code in ufshcd_set_dev_pwr_mode() (git-fixes).
- scsi: ufs: Use pm_runtime_resume_and_get() instead of pm_runtime_get_sync() (git-fixes).
- scsi: vmw_pvscsi: Expand vcpuHint to 16 bits (git-fixes).
- sctp: sysctl: make extra pointers netns aware (bsc#1204760).
- selftests: devlink: fix the fd redirect in dummy_reporter_test (git-fixes).
- selftests: set the BUILD variable to absolute path (git-fixes).
- selftests: Use optional USERCFLAGS and USERLDFLAGS (git-fixes).
- selftests/efivarfs: Add checking of the test return value (git-fixes).
- selftests/ftrace: event_triggers: wait longer for test_event_enable (git-fixes).
- selftests/powerpc: Fix resource leaks (git-fixes).
- serial: 8250_bcm7271: Fix error handling in brcmuart_init() (git-fixes).
- serial: amba-pl011: avoid SBSA UART accessing DMACR register (git-fixes).
- serial: pch: Fix PCI device refcount leak in pch_request_dma() (git-fixes).
- serial: pl011: Do not clear RX FIFO & RX interrupt in unthrottle (git-fixes).
- serial: stm32: move dma_request_chan() before clk_prepare_enable() (git-fixes).
- serial: sunsab: Fix error handling in sunsab_init() (git-fixes).
- serial: tegra: Read DMA status before terminating (git-fixes).
- soc: mediatek: pm-domains: Fix the power glitch issue (git-fixes).
- soc: qcom: llcc: make irq truly optional (git-fixes).
- soc: qcom: Select REMAP_MMIO for LLCC driver (git-fixes).
- soc: ti: knav_qmss_queue: Fix PM disable depth imbalance in knav_queue_probe (git-fixes).
- soc: ti: knav_qmss_queue: Use pm_runtime_resume_and_get instead of pm_runtime_get_sync (git-fixes).
- soc: ti: smartreflex: Fix PM disable depth imbalance in omap_sr_probe (git-fixes).
- soundwire: dmi-quirks: add quirk variant for LAPBC710 NUC15 (git-fixes).
- spi: spi-gpio: Do not set MOSI as an input if not 3WIRE mode (git-fixes).
- spi: spidev: mask SPI_CS_HIGH in SPI_IOC_RD_MODE (git-fixes).
- spi: Update reference to struct spi_controller (git-fixes).
- staging: media: tegra-video: fix chan->mipi value on error (git-fixes).
- staging: media: tegra-video: fix device_node use after free (git-fixes).
- staging: rtl8192e: Fix potential use-after-free in rtllib_rx_Monitor() (git-fixes).
- staging: rtl8192u: Fix use after free in ieee80211_rx() (git-fixes).
- string.h: Introduce memset_startat() for wiping trailing members and padding (jsc#PED-1445).
- test_firmware: fix memory leak in test_firmware_init() (git-fixes).
- thermal: core: fix some possible name leaks in error paths (git-fixes).
- thermal: int340x: Add missing attribute for data rate base (git-fixes).
- thermal/drivers/imx8mm_thermal: Validate temperature range (git-fixes).
- thermal/drivers/qcom/temp-alarm: Fix inaccurate warning for gen2 (git-fixes).
- tpm: acpi: Call acpi_put_table() to fix memory leak (git-fixes).
- tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak (git-fixes).
- tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak (git-fixes).
- tpm/tpm_crb: Fix error message in __crb_relinquish_locality() (git-fixes).
- tpm/tpm_ftpm_tee: Fix error handling in ftpm_mod_init() (git-fixes).
- tracing/doc: Fix typos on the timerlat tracer documentation (git-fixes).
- tty: serial: altera_uart_{r,t}x_chars() need only uart_port (git-fixes).
- tty: serial: clean up stop-tx part in altera_uart_tx_chars() (git-fixes).
- uio: uio_dmem_genirq: Fix deadlock between irq config and handling (git-fixes).
- uio: uio_dmem_genirq: Fix missing unlock in irq configuration (git-fixes).
- usb: cdnsp: fix lack of ZLP for ep0 (git-fixes).
- usb: dwc3: core: defer probe on ulpi_read_id timeout (git-fixes).
- usb: dwc3: fix PHY disable sequence (git-fixes).
- usb: dwc3: Fix race between dwc3_set_mode and __dwc3_set_mode (git-fixes).
- usb: dwc3: gadget: Disable GUSB2PHYCFG.SUSPHY for End Transfer (git-fixes).
- usb: dwc3: pci: Update PCIe device ID for USB3 controller on CPU sub-system for Raptor Lake (git-fixes).
- usb: dwc3: qcom: fix runtime PM wakeup (git-fixes).
- usb: gadget: uvc: Prevent buffer overflow in setup handler (git-fixes).
- usb: gadget: uvc: Rename bmInterfaceFlags -> bmInterlaceFlags (git-fixes).
- usb: rndis_host: Secure rndis_query check against int overflow (git-fixes).
- usb: roles: fix of node refcount leak in usb_role_switch_is_parent() (git-fixes).
- usb: serial: cp210x: add Kamstrup RF sniffer PIDs (git-fixes).
- usb: serial: f81232: fix division by zero on line-speed change (git-fixes).
- usb: serial: f81534: fix division by zero on line-speed change (git-fixes).
- usb: serial: option: add Quectel EM05-G modem (git-fixes).
- usb: storage: Add check for kcalloc (git-fixes).
- usb: typec: Check for ops->exit instead of ops->enter in altmode_exit (git-fixes).
- usb: typec: Factor out non-PD fwnode properties (git-fixes).
- usb: typec: tcpci: fix of node refcount leak in tcpci_register_port() (git-fixes).
- usb: typec: tipd: Cleanup resources if devm_tps6598_psy_register fails (git-fixes).
- usb: typec: tipd: Fix spurious fwnode_handle_put in error path (git-fixes).
- usb: ulpi: defer ulpi_register on ulpi_read_id timeout (git-fixes).
- usb: xhci-mtk: fix leakage of shared hcd when fail to set wakeup irq (git-fixes).
- vdpa_sim: fix possible memory leak in vdpasim_net_init() and vdpasim_blk_init() (git-fixes).
- vdpa_sim: fix vringh initialization in vdpasim_queue_ready() (git-fixes).
- vfio: platform: Do not pass return buffer to ACPI _RST method (git-fixes).
- vhost: fix range used in translate_desc() (git-fixes).
- vhost/vsock: Fix error handling in vhost_vsock_init() (git-fixes).
- vmxnet3: correctly report csum_level for encapsulated packet (git-fixes).
- vringh: fix range used in iotlb_translate() (git-fixes).
- vsock: Enable y2038 safe timeval for timeout (bsc#1206101).
- vsock: Refactor vsock_*_getsockopt to resemble sock_getsockopt (bsc#1206101).
- wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out (git-fixes).
- wifi: ath10k: Fix return value in ath10k_pci_init() (git-fixes).
- wifi: ath9k: hif_usb: fix memory leak of urbs in ath9k_hif_usb_dealloc_tx_urbs() (git-fixes).
- wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb() (git-fixes).
- wifi: ath9k: verify the expected usb_endpoints are present (git-fixes).
- wifi: brcmfmac: Fix error return code in brcmf_sdio_download_firmware() (git-fixes).
- wifi: brcmfmac: Fix potential shift-out-of-bounds in brcmf_fw_alloc_request() (git-fixes).
- wifi: cfg80211: Fix not unregister reg_pdev when load_builtin_regdb_keys() fails (git-fixes).
- wifi: iwlwifi: mvm: fix double free on tx path (git-fixes).
- wifi: mac80211: fix memory leak in ieee80211_if_add() (git-fixes).
- wifi: mt76: do not run mt76u_status_worker if the device is not running (git-fixes).
- wifi: mt76: fix coverity overrun-call in mt76_get_txpower() (git-fixes).
- wifi: rsi: Fix handling of 802.3 EAPOL frames sent via control port (git-fixes).
- wifi: rtl8xxxu: Add __packed to struct rtl8723bu_c2h (git-fixes).
- wifi: rtl8xxxu: Fix the channel width reporting (git-fixes).
- wifi: rtl8xxxu: gen2: Turn on the rate control (git-fixes).
- wifi: rtw89: fix physts IE page check (git-fixes).
- wifi: rtw89: Fix some error handling path in rtw89_core_sta_assoc() (git-fixes).
- wifi: rtw89: use u32_encode_bits() to fill MAC quota value (git-fixes).
- wifi: wilc1000: sdio: fix module autoloading (git-fixes).
- xfrm: Fix oops in __xfrm_state_delete() (bsc#1206794).
- xhci: Apply XHCI_RESET_TO_DEFAULT quirk to ADL-N (git-fixes).
Patchnames
SUSE-2023-147,SUSE-SLE-Micro-5.3-2023-147,SUSE-SLE-Module-Live-Patching-15-SP4-2023-147,SUSE-SLE-Module-RT-15-SP4-2023-147,openSUSE-Leap-Micro-5.3-2023-147,openSUSE-SLE-15.4-2023-147
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\nThe SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2022-3344: Fixed a flaw found in the KVM's AMD nested virtualization (SVM). A malicious L1 guest could purposely fail to intercept the shutdown of a cooperative nested guest (L2), possibly leading to a page fault and kernel panic in the host (L0). (bsc#1204652)\n- CVE-2022-4662: Fixed a recursive locking violation in usb-storage that can cause the kernel to deadlock. (bsc#1206664)\n- CVE-2022-3115: Fixed a null pointer dereference in malidp_crtc.c caused by a lack of checks of the return value of kzalloc. (bsc#1206393)\n- CVE-2022-47520: Fixed an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet. (bsc#1206515)\n- CVE-2022-3112: Fixed a null pointer dereference caused by a missing check of the return value of kzalloc() in vdec_helpers.c:amvdec_set_canvases. (bsc#1206399)\n- CVE-2022-3564: Fixed a bug which could lead to use after free, it was found in the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. (bsc#1206073)\n- CVE-2022-4379: Fixed a use-after-free vulnerability in nfs4file.c:__nfs42_ssc_open. (bsc#1206209)\n- CVE-2022-3108: Fixed a bug in kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c where a lack of check of the return value of kmemdup() could lead to a NULL pointer dereference. (bsc#1206389)\n- CVE-2022-3104: Fixed a null pointer dereference caused by a missing check of the return value of kzalloc() in bugs.c:lkdtm_ARRAY_BOUNDS. (bsc#1206396)\n- CVE-2022-3113: Fixed a null pointer dereference caused by a missing check of the return value of devm_kzalloc. (bsc#1206390)\n- CVE-2022-3107: Fixed a null pointer dereference caused by a missing check of the return value of kvmalloc_array. (bsc#1206395)\n- CVE-2022-3111: Fixed a missing release of resource after effective lifetime bug caused by a missing free of the WM8350_IRQ_CHG_FAST_RDY in wm8350_init_charger. (bsc#1206394)\n- CVE-2022-3105: Fixed a null pointer dereference caused by a missing check of the return value of kmalloc_array. (bsc#1206398)\n- CVE-2022-3106: Fixed a null pointer dereference caused by a missing check of the return value of kmalloc. (bsc#1206397)\n \nThe following non-security bugs were fixed:\n\n- acct: fix potential integer overflow in encode_comp_t() (git-fixes).\n- ACPI: resource: Skip IRQ override on Asus Vivobook K3402ZA/K3502ZA (git-fixes).\n- ACPICA: Fix error code path in acpi_ds_call_control_method() (git-fixes).\n- ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage() (git-fixes).\n- ALSA: asihpi: fix missing pci_disable_device() (git-fixes).\n- ALSA: control-led: use strscpy in set_led_id() (git-fixes).\n- ALSA: hda - Enable headset mic on another Dell laptop with ALC3254 (git-fixes).\n- ALSA: hda: cs35l41: Check runtime suspend capability at runtime_idle (git-fixes).\n- ALSA: hda: cs35l41: Do not return -EINVAL from system suspend/resume (git-fixes).\n- ALSA: hda/hdmi: Add a HP device 0x8715 to force connect list (git-fixes).\n- ALSA: hda/hdmi: Add HP Device 0x8711 to force connect list (git-fixes).\n- ALSA: hda/realtek - Turn on power early (git-fixes).\n- ALSA: hda/realtek: Add quirk for Lenovo TianYi510Pro-14IOB (git-fixes).\n- ALSA: hda/realtek: Apply dual codec fixup for Dell Latitude laptops (git-fixes).\n- ALSA: hda/realtek: Enable mute/micmute LEDs on HP Spectre x360 13-aw0xxx (git-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs do not work for a HP platform (git-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs for a HP ProBook (git-fixes).\n- ALSA: line6: correct midi status byte when receiving data from podxt (git-fixes).\n- ALSA: line6: fix stack overflow in line6_midi_transmit (git-fixes).\n- ALSA: mts64: fix possible null-ptr-defer in snd_mts64_interrupt (git-fixes).\n- ALSA: patch_realtek: Fix Dell Inspiron Plus 16 (git-fixes).\n- ALSA: pcm: fix undefined behavior in bit shift for SNDRV_PCM_RATE_KNOT (git-fixes).\n- ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF (git-fixes).\n- ALSA: pcm: Set missing stop_operating flag at undoing trigger start (git-fixes).\n- ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event (git-fixes).\n- ALSA: seq: fix undefined behavior in bit shift for SNDRV_SEQ_FILTER_USE_EVENT (git-fixes).\n- ALSA: usb-audio: add the quirk for KT0206 device (git-fixes).\n- ALSA: usb-audio: Make sure to stop endpoints before closing EPs (git-fixes).\n- ALSA: usb-audio: Relax hw constraints for implicit fb sync (git-fixes).\n- amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table() (git-fixes).\n- apparmor: fix a memleak in multi_transaction_new() (git-fixes).\n- apparmor: Fix abi check to include v8 abi (git-fixes).\n- apparmor: fix lockdep warning when removing a namespace (git-fixes).\n- apparmor: Fix memleak in alloc_ns() (git-fixes).\n- apparmor: Use pointer to struct aa_label for lbs_cred (git-fixes).\n- ARM: 9251/1: perf: Fix stacktraces for tracepoint events in THUMB2 kernels (git-fixes).\n- ARM: 9256/1: NWFPE: avoid compiler-generated __aeabi_uldivmod (git-fixes).\n- ARM: dts: armada-370: Fix assigned-addresses for every PCIe Root Port (git-fixes).\n- ARM: dts: armada-375: Fix assigned-addresses for every PCIe Root Port (git-fixes).\n- ARM: dts: armada-38x: Fix assigned-addresses for every PCIe Root Port (git-fixes).\n- ARM: dts: armada-38x: Fix compatible string for gpios (git-fixes).\n- ARM: dts: armada-39x: Fix assigned-addresses for every PCIe Root Port (git-fixes).\n- ARM: dts: armada-39x: Fix compatible string for gpios (git-fixes).\n- ARM: dts: armada-xp: Fix assigned-addresses for every PCIe Root Port (git-fixes).\n- ARM: dts: dove: Fix assigned-addresses for every PCIe Root Port (git-fixes).\n- ARM: dts: nuvoton: Remove bogus unit addresses from fixed-partition nodes (git-fixes).\n- ARM: dts: qcom: apq8064: fix coresight compatible (git-fixes).\n- ARM: dts: rockchip: disable arm_global_timer on rk3066 and rk3188 (git-fixes).\n- ARM: dts: rockchip: fix ir-receiver node names (git-fixes).\n- ARM: dts: rockchip: fix node name for hym8563 rtc (git-fixes).\n- ARM: dts: rockchip: remove clock-frequency from rtc (git-fixes).\n- ARM: dts: rockchip: rk3188: fix lcdc1-rgb24 node name (git-fixes).\n- ARM: dts: spear600: Fix clcd interrupt (git-fixes).\n- ARM: dts: stm32: Drop stm32mp15xc.dtsi from Avenger96 (git-fixes).\n- ARM: dts: stm32: Fix AV96 WLAN regulator gpio property (git-fixes).\n- ARM: dts: turris-omnia: Add ethernet aliases (git-fixes).\n- ARM: dts: turris-omnia: Add switch port 6 node (git-fixes).\n- ARM: mmp: fix timer_read delay (git-fixes).\n- ARM: ux500: do not directly dereference __iomem (git-fixes).\n- arm64: Avoid repeated AA64MMFR1_EL1 register read on pagefault path (performance bsc#1203219).\n- arm64: dts: armada-3720-turris-mox: Add missing interrupt for RTC (git-fixes).\n- arm64: dts: mediatek: mt6797: Fix 26M oscillator unit name (git-fixes).\n- arm64: dts: mediatek: pumpkin-common: Fix devicetree warnings (git-fixes).\n- arm64: dts: mt2712-evb: Fix usb vbus regulators unit names (git-fixes).\n- arm64: dts: mt2712-evb: Fix vproc fixed regulators unit names (git-fixes).\n- arm64: dts: mt2712e: Fix unit address for pinctrl node (git-fixes).\n- arm64: dts: mt2712e: Fix unit_address_vs_reg warning for oscillators (git-fixes).\n- arm64: dts: mt6779: Fix devicetree build warnings (git-fixes).\n- arm64: dts: mt7622: drop r_smpl property from mmc node (git-fixes).\n- arm64: dts: mt8183: drop drv-type from mmc-node (git-fixes).\n- arm64: dts: mt8183: Fix Mali GPU clock (git-fixes).\n- arm64: dts: qcom: ipq6018-cp01-c1: use BLSPI1 pins (git-fixes).\n- arm64: dts: qcom: msm8916: Drop MSS fallback compatible (git-fixes).\n- arm64: dts: qcom: msm8996: Add MSM8996 Pro support (git-fixes).\n- arm64: dts: qcom: msm8996: fix GPU OPP table (git-fixes).\n- arm64: dts: qcom: msm8996: fix supported-hw in cpufreq OPP tables (git-fixes).\n- arm64: dts: qcom: sdm630: fix UART1 pin bias (git-fixes).\n- arm64: dts: qcom: sdm845-cheza: fix AP suspend pin bias (git-fixes).\n- arm64: dts: qcom: sdm845-db845c: correct SPI2 pins drive strength (git-fixes).\n- arm64: dts: qcom: sdm850-lenovo-yoga-c630: correct I2C12 pins drive strength (git-fixes).\n- arm64: dts: qcom: sm8250-sony-xperia-edo: fix touchscreen bias-disable (git-fixes).\n- arm64: dts: qcom: sm8250: correct LPASS pin pull down (git-fixes).\n- arm64: dts: qcom: sm8250: drop bogus DP PHY clock (git-fixes).\n- arm64: dts: qcom: sm8250: fix USB-DP PHY registers (git-fixes).\n- arm64: dts: rockchip: fix ir-receiver node names (git-fixes).\n- arm64: dts: rockchip: keep I2S1 disabled for GPIO function on ROCK Pi 4 series (git-fixes).\n- arm64: dts: ti: k3-am65-main: Drop dma-coherent in crypto node (git-fixes).\n- arm64: dts: ti: k3-j721e-main: Drop dma-coherent in crypto node (git-fixes).\n- ASoC: audio-graph-card: fix refcount leak of cpu_ep in __graph_for_each_link() (git-fixes).\n- ASoC: codecs: rt298: Add quirk for KBL-R RVP platform (git-fixes).\n- ASoC: cs42l51: Correct PGA Volume minimum value (git-fixes).\n- ASoC: dt-bindings: wcd9335: fix reset line polarity in example (git-fixes).\n- ASoC: fsl_micfil: explicitly clear CHnF flags (git-fixes).\n- ASoC: fsl_micfil: explicitly clear software reset bit (git-fixes).\n- ASoC: Intel: bytcr_rt5640: Add quirk for the Advantech MICA-071 tablet (git-fixes).\n- ASoC: jz4740-i2s: Handle independent FIFO flush bits (git-fixes).\n- ASoC: mediatek: mt8173-rt5650-rt5514: fix refcount leak in mt8173_rt5650_rt5514_dev_probe() (git-fixes).\n- ASoC: mediatek: mt8173: Enable IRQ when pdata is ready (git-fixes).\n- ASoC: mediatek: mt8183: fix refcount leak in mt8183_mt6358_ts3a227_max98357_dev_probe() (git-fixes).\n- ASoC: mediatek: mtk-btcvsd: Add checks for write and read of mtk_btcvsd_snd (git-fixes).\n- ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx() (git-fixes).\n- ASoC: ops: Correct bounds check for second channel on SX controls (git-fixes).\n- ASoC: pcm512x: Fix PM disable depth imbalance in pcm512x_probe (git-fixes).\n- ASoC: pxa: fix null-pointer dereference in filter() (git-fixes).\n- ASoC: qcom: Add checks for devm_kcalloc (git-fixes).\n- ASoC: qcom: lpass-cpu: Fix fallback SD line index handling (git-fixes).\n- ASoC: rockchip: pdm: Add missing clk_disable_unprepare() in rockchip_pdm_runtime_resume() (git-fixes).\n- ASoC: rockchip: spdif: Add missing clk_disable_unprepare() in rk_spdif_runtime_resume() (git-fixes).\n- ASoC: rt5670: Remove unbalanced pm_runtime_put() (git-fixes).\n- ASoC: rt711-sdca: fix the latency time of clock stop prepare state machine transitions (git-fixes).\n- ASoC: soc-pcm: Add NULL check in BE reparenting (git-fixes).\n- ASoC: wm8904: fix wrong outputs volume after power reactivation (git-fixes).\n- ASoC: wm8962: Wait for updated value of WM8962_CLOCKING1 register (git-fixes).\n- ASoC: wm8994: Fix potential deadlock (git-fixes).\n- ata: ahci: Fix PCS quirk application for suspend (git-fixes).\n- binfmt_elf: fix documented return value for load_elf_phdrs() (git-fixes).\n- binfmt_misc: fix shift-out-of-bounds in check_special_flags (git-fixes).\n- binfmt: Fix error return code in load_elf_fdpic_binary() (git-fixes).\n- Bluetooth: btintel: Fix missing free skb in btintel_setup_combined() (git-fixes).\n- Bluetooth: btusb: Add debug message for CSR controllers (git-fixes).\n- Bluetooth: btusb: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).\n- Bluetooth: hci_bcsp: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).\n- Bluetooth: hci_core: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).\n- Bluetooth: hci_h5: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).\n- Bluetooth: hci_ll: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).\n- Bluetooth: hci_qca: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).\n- Bluetooth: MGMT: Fix error report for ADD_EXT_ADV_PARAMS (git-fixes).\n- Bluetooth: RFCOMM: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).\n- brcmfmac: return error when getting invalid max_flowrings from dongle (git-fixes).\n- caif: fix memory leak in cfctrl_linkup_request() (git-fixes).\n- can: kvaser_usb_leaf: Fix bogus restart events (git-fixes).\n- can: kvaser_usb_leaf: Fix wrong CAN state after stopping (git-fixes).\n- can: kvaser_usb_leaf: Set Warning state even without bus errors (git-fixes).\n- can: kvaser_usb: do not increase tx statistics when sending error message frames (git-fixes).\n- can: kvaser_usb: kvaser_usb_leaf: fix bittiming limits (git-fixes).\n- can: mcba_usb: Fix termination command argument (git-fixes).\n- can: sja1000: fix size of OCR_MODE_MASK define (git-fixes).\n- can: tcan4x5x: Remove invalid write in clear_interrupts (git-fixes).\n- chardev: fix error handling in cdev_device_add() (git-fixes).\n- cifs: Add 'extbuf' and 'extbuflen' args to smb2_compound_op() (bsc#1193629).\n- cifs: do not block in dfs_cache_noreq_update_tgthint() (bsc#1193629).\n- cifs: do not leak -ENOMEM in smb2_open_file() (bsc#1193629).\n- cifs: do not refresh cached referrals from unactive mounts (bsc#1193629).\n- cifs: fix confusing debug message (bsc#1193629).\n- cifs: Fix kmap_local_page() unmapping (git-fixes).\n- cifs: fix missing display of three mount options (bsc#1193629).\n- cifs: fix oops during encryption (bsc#1199294).\n- cifs: fix refresh of cached referrals (bsc#1193629).\n- cifs: fix source pathname comparison of dfs supers (bsc#1193629).\n- cifs: fix various whitespace errors in headers (bsc#1193629).\n- cifs: get rid of mount options string parsing (bsc#1193629).\n- cifs: minor cleanup of some headers (bsc#1193629).\n- cifs: optimize reconnect of nested links (bsc#1193629).\n- cifs: Parse owner/group for stat in smb311 posix extensions (bsc#1193629).\n- cifs: print warning when conflicting soft vs. hard mount options specified (bsc#1193629).\n- cifs: reduce roundtrips on create/qinfo requests (bsc#1193629).\n- cifs: refresh root referrals (bsc#1193629).\n- cifs: Remove duplicated include in cifsglob.h (bsc#1193629).\n- cifs: remove unused smb3_fs_context::mount_options (bsc#1193629).\n- cifs: set correct ipc status after initial tree connect (bsc#1193629).\n- cifs: set correct status of tcon ipc when reconnecting (bsc#1193629).\n- cifs: set correct tcon status after initial tree connect (bsc#1193629).\n- cifs: set resolved ip in sockaddr (bsc#1193629).\n- cifs: share dfs connections and supers (bsc#1193629).\n- cifs: skip alloc when request has no pages (bsc#1193629).\n- cifs: split out ses and tcon retrieval from mount_get_conns() (bsc#1193629).\n- cifs: update internal module number (bsc#1193629).\n- cifs: use fs_context for automounts (bsc#1193629).\n- cifs: use origin fullpath for automounts (bsc#1193629).\n- class: fix possible memory leak in __class_register() (git-fixes).\n- clk: Fix pointer casting to prevent oops in devm_clk_release() (git-fixes).\n- clk: generalize devm_clk_get() a bit (git-fixes).\n- clk: imx: imx8mp: add shared clk gate for usb suspend clk (git-fixes).\n- clk: imx: replace osc_hdmi with dummy (git-fixes).\n- clk: nomadik: correct struct name kernel-doc warning (git-fixes).\n- clk: Provide new devm_clk helpers for prepared and enabled clocks (git-fixes).\n- clk: qcom: clk-krait: fix wrong div2 functions (git-fixes).\n- clk: qcom: gcc-sm8250: Use retention mode for USB GDSCs (git-fixes).\n- clk: qcom: lpass-sc7180: Fix pm_runtime usage (git-fixes).\n- clk: renesas: r9a06g032: Repair grave increment error (git-fixes).\n- clk: rockchip: Fix memory leak in rockchip_clk_register_pll() (git-fixes).\n- clk: samsung: Fix memory leak in _samsung_clk_register_pll() (git-fixes).\n- clk: socfpga: Fix memory leak in socfpga_gate_init() (git-fixes).\n- clk: st: Fix memory leak in st_of_quadfs_setup() (git-fixes).\n- clk: sunxi-ng: v3s: Correct the header guard of ccu-sun8i-v3s.h (git-fixes).\n- clocksource/drivers/sh_cmt: Access registers according to spec (git-fixes).\n- clocksource/drivers/timer-ti-dm: Fix missing clk_disable_unprepare in dmtimer_systimer_init_clock() (git-fixes).\n- cpufreq: ACPI: Defer setting boost MSRs (bsc#1205485).\n- cpufreq: ACPI: Only set boost MSRs on supported CPUs (bsc#1205485).\n- cpufreq: ACPI: Remove unused variables 'acpi_cpufreq_online' and 'ret' (bsc#1205485).\n- cpufreq: intel_pstate: Add Sapphire Rapids support in no-HWP mode (bsc#1201068).\n- crypto: ccree - Make cc_debugfs_global_fini() available for module init function (git-fixes).\n- crypto: ccree - Remove debugfs when platform_driver_register failed (git-fixes).\n- crypto: cryptd - Use request context instead of stack for sub-request (git-fixes).\n- crypto: hisilicon/qm - fix missing destroy qp_idr (git-fixes).\n- crypto: img-hash - Fix variable dereferenced before check 'hdev->req' (git-fixes).\n- crypto: n2 - add missing hash statesize (git-fixes).\n- crypto: nitrox - avoid double free on error path in nitrox_sriov_init() (git-fixes).\n- crypto: omap-sham - Use pm_runtime_resume_and_get() in omap_sham_probe() (git-fixes).\n- crypto: rockchip - add fallback for ahash (git-fixes).\n- crypto: rockchip - add fallback for cipher (git-fixes).\n- crypto: rockchip - better handle cipher key (git-fixes).\n- crypto: rockchip - do not do custom power management (git-fixes).\n- crypto: rockchip - do not store mode globally (git-fixes).\n- crypto: rockchip - remove non-aligned handling (git-fixes).\n- crypto: rockchip - rework by using crypto_engine (git-fixes).\n- crypto: sun8i-ss - use dma_addr instead u32 (git-fixes).\n- crypto: tcrypt - Fix multibuffer skcipher speed test mem leak (git-fixes).\n- device property: Fix documentation for fwnode_get_next_parent() (git-fixes).\n- dmaengine: idxd: Fix crc_val field for completion record (git-fixes).\n- docs/zh_CN: Fix '.. only::' directive's expression (git-fixes).\n- drbd: destroy workqueue when drbd device was freed (git-fixes).\n- drbd: remove call to memset before free device/resource/connection (git-fixes).\n- drbd: remove usage of list iterator variable after loop (git-fixes).\n- drbd: set QUEUE_FLAG_STABLE_WRITES (git-fixes).\n- drbd: use after free in drbd_create_device() (git-fixes).\n- driver core: Fix bus_type.match() error handling in __driver_attach() (git-fixes).\n- drivers: dio: fix possible memory leak in dio_init() (git-fixes).\n- drivers: soc: ti: knav_qmss_queue: Mark knav_acc_firmwares as static (git-fixes).\n- drm: bridge: dw_hdmi: fix preference of RGB modes over YUV420 (git-fixes).\n- drm/amd/display: fix array index out of bound error in bios parser (git-fixes).\n- drm/amd/display: Manually adjust strobe for DCN303 (git-fixes).\n- drm/amd/display: prevent memory leak (git-fixes).\n- drm/amd/display: Use the largest vready_offset in pipe group (git-fixes).\n- drm/amd/pm/smu11: BACO is supported when it's in BACO state (git-fixes).\n- drm/amdgpu: fix pci device refcount leak (git-fixes).\n- drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios() (git-fixes).\n- drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback (git-fixes).\n- drm/amdgpu: Fix type of second parameter in trans_msg() callback (git-fixes).\n- drm/amdgpu: handle polaris10/11 overlap asics (v2) (git-fixes).\n- drm/amdgpu: make display pinning more flexible (v2) (git-fixes).\n- drm/amdgpu/powerplay/psm: Fix memory leak in power state init (git-fixes).\n- drm/amdgpu/sdma_v4_0: turn off SDMA ring buffer in the s2idle suspend (git-fixes).\n- drm/amdkfd: Fix memory leakage (git-fixes).\n- drm/bridge: adv7533: remove dynamic lane switching from adv7533 bridge (git-fixes).\n- drm/bridge: anx7625: Fix edid_read break case in sp_tx_edid_read() (git-fixes).\n- drm/bridge: ti-sn65dsi86: Fix output polarity setting bug (git-fixes).\n- drm/connector: send hotplug uevent on connector cleanup (git-fixes).\n- drm/edid: Fix minimum bpc supported with DSC1.2 for HDMI sink (git-fixes).\n- drm/etnaviv: add missing quirks for GC300 (git-fixes).\n- drm/etnaviv: do not truncate physical page address (git-fixes).\n- drm/fourcc: Add packed 10bit YUV 4:2:0 format (git-fixes).\n- drm/fourcc: Fix vsub/hsub for Q410 and Q401 (git-fixes).\n- drm/fsl-dcu: Fix return type of fsl_dcu_drm_connector_mode_valid() (git-fixes).\n- drm/i915: Fix documentation for intel_uncore_forcewake_put__locked (git-fixes).\n- drm/i915: remove circ_buf.h includes (git-fixes).\n- drm/i915: unpin on error in intel_vgpu_shadow_mm_pin() (git-fixes).\n- drm/i915/display: Do not disable DDI/Transcoder when setting phy test pattern (git-fixes).\n- drm/i915/dsi: fix VBT send packet port selection for dual link DSI (git-fixes).\n- drm/i915/gvt: fix gvt debugfs destroy (git-fixes).\n- drm/i915/gvt: fix vgpu debugfs clean in remove (git-fixes).\n- drm/i915/migrate: do not check the scratch page (git-fixes).\n- drm/i915/migrate: fix length calculation (git-fixes).\n- drm/i915/migrate: fix offset calculation (git-fixes).\n- drm/i915/ttm: never purge busy objects (git-fixes).\n- drm/imx: ipuv3-plane: Fix overlay plane width (git-fixes).\n- drm/ingenic: Fix missing platform_driver_unregister() call in ingenic_drm_init() (git-fixes).\n- drm/mediatek: Fix return type of mtk_hdmi_bridge_mode_valid() (git-fixes).\n- drm/mediatek: Modify dpi power on/off sequence (git-fixes).\n- drm/meson: Reduce the FIFO lines held when AFBC is not used (git-fixes).\n- drm/msm: another fix for the headless Adreno GPU (git-fixes).\n- drm/msm: Use drm_mode_copy() (git-fixes).\n- drm/msm/adreno: Make adreno quirks not overwrite each other (git-fixes).\n- drm/msm/dp: do not complete dp_aux_cmd_fifo_tx() if irq is not for aux transfer (git-fixes).\n- drm/panel/panel-sitronix-st7701: Remove panel on DSI attach failure (git-fixes).\n- drm/panfrost: Fix GEM handle creation ref-counting (git-fixes).\n- drm/radeon: Add the missed acpi_put_table() to fix memory leak (git-fixes).\n- drm/radeon: Fix PCI device refcount leak in radeon_atrm_get_bios() (git-fixes).\n- drm/rockchip: lvds: fix PM usage counter unbalance in poweron (git-fixes).\n- drm/rockchip: Use drm_mode_copy() (git-fixes).\n- drm/shmem-helper: Avoid vm_open error paths (git-fixes).\n- drm/shmem-helper: Remove errant put in error path (git-fixes).\n- drm/sti: Fix return type of sti_{dvo,hda,hdmi}_connector_mode_valid() (git-fixes).\n- drm/sti: Use drm_mode_copy() (git-fixes).\n- drm/tegra: Add missing clk_disable_unprepare() in tegra_dc_probe() (git-fixes).\n- drm/virtio: Fix GEM handle creation UAF (git-fixes).\n- drm/vmwgfx: Do not use screen objects when SEV is active (git-fixes).\n- drm/vmwgfx: Fix a sparse warning in kernel docs (git-fixes).\n- drm/vmwgfx: Validate the box size for the snooped cursor (git-fixes).\n- Drop FIPS mode DRBG->getrandom(2) wire-up (bsc#1191259)\n- dt-bindings: clock: qcom,aoncc-sm8250: fix compatible (git-fixes).\n- dt-bindings: display: sun6i-dsi: Fix clock conditional (git-fixes).\n- dt-bindings: gpio: gpio-davinci: Increase maxItems in gpio-line-names (git-fixes).\n- dt-bindings: msm: dsi-controller-main: Fix description of core clock (git-fixes).\n- dt-bindings: msm: dsi-controller-main: Fix operating-points-v2 constraint (git-fixes).\n- dt-bindings: msm: dsi-phy-28nm: Add missing qcom, dsi-phy-regulator-ldo-mode (git-fixes).\n- dt-bindings: msm/dsi: Do not require vcca-supply on 14nm PHY (git-fixes).\n- dt-bindings: msm/dsi: Do not require vdds-supply on 10nm PHY (git-fixes).\n- dt-bindings: net: sun8i-emac: Add phy-supply property (git-fixes).\n- EDAC/mc_sysfs: Increase legacy channel support to 12 (bsc#1205263).\n- efi: Add iMac Pro 2017 to uefi skip cert quirk (git-fixes).\n- efi: fix userspace infinite retry read efivars after EFI runtime services page fault (git-fixes).\n- extcon: usbc-tusb320: Add support for mode setting and reset (git-fixes).\n- extcon: usbc-tusb320: Add support for TUSB320L (git-fixes).\n- extcon: usbc-tusb320: Factor out extcon into dedicated functions (git-fixes).\n- fbcon: Use kzalloc() in fbcon_prepare_logo() (git-fixes).\n- fbdev: fbcon: release buffer when fbcon_do_set_font() failed (git-fixes).\n- fbdev: geode: do not build on UML (git-fixes).\n- fbdev: matroxfb: G200eW: Increase max memory from 1 MB to 16 MB (git-fixes).\n- fbdev: pm2fb: fix missing pci_disable_device() (git-fixes).\n- fbdev: ssd1307fb: Drop optional dependency (git-fixes).\n- fbdev: uvesafb: do not build on UML (git-fixes).\n- fbdev: uvesafb: Fixes an error handling path in uvesafb_probe() (git-fixes).\n- fbdev: vermilion: decrease reference count in error path (git-fixes).\n- fbdev: via: Fix error in via_core_init() (git-fixes).\n- firmware: raspberrypi: fix possible memory leak in rpi_firmware_probe() (git-fixes).\n- floppy: Fix memory leak in do_floppy_init() (git-fixes).\n- gpio: sifive: Fix refcount leak in sifive_gpio_probe (git-fixes).\n- gpiolib: cdev: fix NULL-pointer dereferences (git-fixes).\n- gpiolib: check the 'ngpios' property in core gpiolib code (git-fixes).\n- gpiolib: fix memory leak in gpiochip_setup_dev() (git-fixes).\n- gpiolib: Get rid of redundant 'else' (git-fixes).\n- gpiolib: improve coding style for local variables (git-fixes).\n- gpiolib: make struct comments into real kernel docs (git-fixes).\n- hamradio: baycom_epp: Fix return type of baycom_send_packet() (git-fixes).\n- hamradio: do not call dev_kfree_skb() under spin_lock_irqsave() (git-fixes).\n- HID: hid-sensor-custom: set fixed size for custom attributes (git-fixes).\n- HID: ite: Enable QUIRK_TOUCHPAD_ON_OFF_REPORT on Acer Aspire Switch V 10 (git-fixes).\n- HID: mcp2221: do not connect hidraw (git-fixes).\n- HID: multitouch: fix Asus ExpertBook P2 P2451FA trackpoint (git-fixes).\n- HID: plantronics: Additional PIDs for double volume key presses quirk (git-fixes).\n- HID: uclogic: Add HID_QUIRK_HIDINPUT_FORCE quirk (git-fixes).\n- HID: wacom: Ensure bootloader PID is usable in hidraw mode (git-fixes).\n- HSI: omap_ssi_core: Fix error handling in ssi_init() (git-fixes).\n- HSI: omap_ssi_core: fix possible memory leak in ssi_probe() (git-fixes).\n- HSI: omap_ssi_core: fix unbalanced pm_runtime_disable() (git-fixes).\n- hwmon: (jc42) Convert register access and caching to regmap/regcache (git-fixes).\n- hwmon: (jc42) Fix missing unlock on error in jc42_write() (git-fixes).\n- hwmon: (jc42) Restore the min/max/critical temperatures on resume (git-fixes).\n- hwrng: amd - Fix PCI device refcount leak (git-fixes).\n- i2c: ismt: Fix an out-of-bounds bug in ismt_access() (git-fixes).\n- i2c: mux: reg: check return value after calling platform_get_resource() (git-fixes).\n- i2c: pxa-pci: fix missing pci_disable_device() on error in ce4100_i2c_probe (git-fixes).\n- IB/IPoIB: Fix queue count inconsistency for PKEY child interfaces (git-fixes)\n- ibmveth: Always stop tx queues during close (bsc#1065729).\n- iio: adc: ad_sigma_delta: do not use internal iio_dev lock (git-fixes).\n- iio: adc128s052: add proper .data members in adc128_of_match table (git-fixes).\n- iio: fix memory leak in iio_device_register_eventset() (git-fixes).\n- iio: temperature: ltc2983: make bulk write buffer DMA-safe (git-fixes).\n- ima: Fix a potential NULL pointer access in ima_restore_measurement_list (git-fixes).\n- Input: elants_i2c - properly handle the reset GPIO when power is off (git-fixes).\n- Input: joystick - fix Kconfig warning for JOYSTICK_ADC (git-fixes).\n- Input: wistron_btns - disable on UML (git-fixes).\n- integrity: Fix memory leakage in keyring allocation error path (git-fixes).\n- ipmi: fix long wait in unload when IPMI disconnect (git-fixes).\n- ipmi: fix memleak when unload ipmi driver (git-fixes).\n- ipmi: fix use after free in _ipmi_destroy_user() (git-fixes).\n- ipmi: kcs: Poll OBF briefly to reduce OBE latency (git-fixes).\n- ipu3-imgu: Fix NULL pointer dereference in imgu_subdev_set_selection() (git-fixes).\n- lib/debugobjects: fix stat count and optimize debug_objects_mem_init (git-fixes).\n- lib/fonts: fix undefined behavior in bit shift for get_default_font (git-fixes).\n- mailbox: arm_mhuv2: Fix return value check in mhuv2_probe() (git-fixes).\n- mailbox: mpfs: read the system controller's status (git-fixes).\n- mailbox: zynq-ipi: fix error handling while device_register() fails (git-fixes).\n- media: adv748x: afe: Select input port when initializing AFE (git-fixes).\n- media: camss: Clean up received buffers on failed start of streaming (git-fixes).\n- media: dvb-core: Fix double free in dvb_register_device() (git-fixes).\n- media: dvb-core: Fix ignored return value in dvb_register_frontend() (git-fixes).\n- media: dvb-frontends: fix leak of memory fw (git-fixes).\n- media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() (git-fixes).\n- media: dvb-usb: fix memory leak in dvb_usb_adapter_init() (git-fixes).\n- media: i2c: ad5820: Fix error path (git-fixes).\n- media: imon: fix a race condition in send_packet() (git-fixes).\n- media: saa7164: fix missing pci_disable_device() (git-fixes).\n- media: si470x: Fix use-after-free in si470x_int_in_callback() (git-fixes).\n- media: solo6x10: fix possible memory leak in solo_sysfs_init() (git-fixes).\n- media: stv0288: use explicitly signed char (git-fixes).\n- media: v4l2-ctrls: Fix off-by-one error in integer menu control check (git-fixes).\n- media: v4l2-dv-timings.c: fix too strict blanking sanity checks (git-fixes).\n- media: videobuf-dma-contig: use dma_mmap_coherent (git-fixes).\n- media: vidtv: Fix use-after-free in vidtv_bridge_dvb_init() (git-fixes).\n- media: vimc: Fix wrong function called when vimc_init() fails (git-fixes).\n- media: vivid: fix compose size exceed boundary (git-fixes).\n- memcg, kmem: further deprecate kmem.limit_in_bytes (bsc#1206896).\n- memcg: Fix possible use-after-free in memcg_write_event_control() (bsc#1206344).\n- mfd: bd957x: Fix Kconfig dependency on REGMAP_IRQ (git-fixes).\n- mfd: mt6360: Add bounds checking in Regmap read/write call-backs (git-fixes).\n- mfd: pm8008: Fix return value check in pm8008_probe() (git-fixes).\n- mfd: pm8008: Remove driver data structure pm8008_data (git-fixes).\n- mfd: qcom_rpm: Fix an error handling path in qcom_rpm_probe() (git-fixes).\n- mfd: qcom_rpm: Use devm_of_platform_populate() to simplify code (git-fixes).\n- misc: ocxl: fix possible name leak in ocxl_file_register_afu() (git-fixes).\n- misc: tifm: fix possible memory leak in tifm_7xx1_switch_media() (git-fixes).\n- mISDN: hfcmulti: do not call dev_kfree_skb/kfree_skb() under spin_lock_irqsave() (git-fixes).\n- mISDN: hfcpci: do not call dev_kfree_skb/kfree_skb() under spin_lock_irqsave() (git-fixes).\n- mISDN: hfcsusb: do not call dev_kfree_skb/kfree_skb() under spin_lock_irqsave() (git-fixes).\n- mm: fix race between MADV_FREE reclaim and blkdev direct IO read (bsc#1204989,bsc#1205601).\n- mm/mempolicy: fix memory leak in set_mempolicy_home_node system call (bsc#1206468).\n- mmc: alcor: fix return value check of mmc_add_host() (git-fixes).\n- mmc: atmel-mci: fix return value check of mmc_add_host() (git-fixes).\n- mmc: core: Normalize the error handling branch in sd_read_ext_regs() (git-fixes).\n- mmc: f-sdh30: Add quirks for broken timeout clock capability (git-fixes).\n- mmc: meson-gx: fix return value check of mmc_add_host() (git-fixes).\n- mmc: mmci: fix return value check of mmc_add_host() (git-fixes).\n- mmc: moxart: fix return value check of mmc_add_host() (git-fixes).\n- mmc: mtk-sd: Fix missing clk_disable_unprepare in msdc_of_clock_parse() (git-fixes).\n- mmc: mxcmmc: fix return value check of mmc_add_host() (git-fixes).\n- mmc: omap_hsmmc: fix return value check of mmc_add_host() (git-fixes).\n- mmc: pxamci: fix return value check of mmc_add_host() (git-fixes).\n- mmc: renesas_sdhi: alway populate SCC pointer (git-fixes).\n- mmc: renesas_sdhi: better reset from HS400 mode (git-fixes).\n- mmc: rtsx_pci: fix return value check of mmc_add_host() (git-fixes).\n- mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host() (git-fixes).\n- mmc: sdhci-sprd: Disable CLK_AUTO when the clock is less than 400K (git-fixes).\n- mmc: toshsd: fix return value check of mmc_add_host() (git-fixes).\n- mmc: via-sdmmc: fix return value check of mmc_add_host() (git-fixes).\n- mmc: vub300: fix return value check of mmc_add_host() (git-fixes).\n- mmc: vub300: fix warning - do not call blocking ops when !TASK_RUNNING (git-fixes).\n- mmc: wbsd: fix return value check of mmc_add_host() (git-fixes).\n- mmc: wmt-sdmmc: fix return value check of mmc_add_host() (git-fixes).\n- mt76: stop the radar detector after leaving dfs channel (git-fixes).\n- mtd: Fix device name leak when register device failed in add_mtd_device() (git-fixes).\n- mtd: lpddr2_nvm: Fix possible null-ptr-deref (git-fixes).\n- mtd: maps: pxa2xx-flash: fix memory leak in probe (git-fixes).\n- mtd: spi-nor: Check for zero erase size in spi_nor_find_best_erase_type() (git-fixes).\n- mtd: spi-nor: Fix the number of bytes for the dummy cycles (git-fixes).\n- mtd: spi-nor: hide jedec_id sysfs attribute if not present (git-fixes).\n- net: allow retransmitting a TCP packet if original is still in queue (bsc#1188605 bsc#1187428 bsc#1206619).\n- net: phy: xgmiitorgmii: Fix refcount leak in xgmiitorgmii_probe (git-fixes).\n- net: usb: qmi_wwan: add u-blox 0x1342 composition (git-fixes).\n- net: usb: smsc95xx: fix external PHY reset (git-fixes).\n- net/mlx5: Fix mlx5_get_next_dev() peer device matching (bsc#1206536).\n- net/mlx5: Lag, filter non compatible devices (bsc#1206536).\n- netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find() (bsc#1204614).\n- nfc: Fix potential resource leaks (git-fixes).\n- nfc: pn533: Clear nfc_target before being used (git-fixes).\n- nfc: pn533: Wait for out_urb's completion in pn533_usb_send_frame() (git-fixes).\n- NFS: Handle missing attributes in OPEN reply (bsc#1203740).\n- nilfs2: fix shift-out-of-bounds due to too large exponent of block size (git-fixes).\n- nilfs2: fix shift-out-of-bounds/overflow in nilfs_sb2_bad_offset() (git-fixes).\n- octeontx2-af: Add PTP PPS Errata workaround on CN10K silicon (jsc#SLE-24682).\n- octeontx2-af: Allow mkex profile without DMAC and add L2M/L2B header extraction support (jsc#SLE-24682).\n- octeontx2-af: Do not reset previous pfc config (jsc#SLE-24682).\n- octeontx2-af: fix operand size in bitwise operation (jsc#SLE-24682).\n- octeontx2-af: Initialize PTP_SEC_ROLLOVER register properly (jsc#SLE-24682).\n- octeontx2-af: Limit link bringup time at firmware (jsc#SLE-24682).\n- octeontx2-af: return correct ptp timestamp for CN10K silicon (jsc#SLE-24682).\n- octeontx2-af: Set NIX link credits based on max LMAC (jsc#SLE-24682).\n- octeontx2-af: Skip CGX/RPM probe incase of zero lmac count (jsc#SLE-24682).\n- octeontx2-pf: Add egress PFC support (jsc#SLE-24682).\n- octeontx2-pf: Add support for ptp 1-step mode on CN10K silicon (jsc#SLE-24682).\n- octeontx2-pf: Fix lmtst ID used in aura free (jsc#SLE-24682).\n- octeontx2-pf: Fix pfc_alloc_status array overflow (jsc#SLE-24682).\n- octeontx2-pf: Fix SQE threshold checking (jsc#SLE-24682).\n- octeontx2-pf: Fix unused variable build error (jsc#SLE-24682).\n- octeontx2-pf: NIX TX overwrites SQ_CTX_HW_S[SQ_INT] (jsc#SLE-24682).\n- octeontx2-pf: Reduce minimum mtu size to 60 (jsc#SLE-24682).\n- octeontx2: Modify mbox request and response structures (jsc#SLE-24682).\n- PCI: Check for alloc failure in pci_request_irq() (git-fixes).\n- PCI: dwc: Fix n_fts[] array overrun (git-fixes).\n- PCI: Fix pci_device_is_present() for VFs by checking PF (git-fixes).\n- PCI: pci-epf-test: Register notifier if only core_init_notifier is enabled (git-fixes).\n- PCI: vmd: Disable MSI remapping after suspend (git-fixes).\n- PCI/sysfs: Fix double free in error path (git-fixes).\n- phy: usb: s2 WoL wakeup_count not incremented for USB->Eth devices (git-fixes).\n- pinctrl: k210: call of_node_put() (git-fixes).\n- pinctrl: meditatek: Startup with the IRQs disabled (git-fixes).\n- pinctrl: pinconf-generic: add missing of_node_put() (git-fixes).\n- platform/chrome: cros_ec_typec: Cleanup switch handle return paths (git-fixes).\n- platform/chrome: cros_usbpd_notify: Fix error handling in cros_usbpd_notify_init() (git-fixes).\n- platform/mellanox: mlxbf-pmc: Fix event typo (git-fixes).\n- platform/surface: aggregator: Add missing call to ssam_request_sync_free() (git-fixes).\n- platform/surface: aggregator: Ignore command messages not intended for us (git-fixes).\n- platform/x86: dell-privacy: Fix SW_CAMERA_LENS_COVER reporting (git-fixes).\n- platform/x86: dell-privacy: Only register SW_CAMERA_LENS_COVER if present (git-fixes).\n- platform/x86: huawei-wmi: fix return value calculation (git-fixes).\n- platform/x86: intel_scu_ipc: fix possible name leak in __intel_scu_ipc_register() (git-fixes).\n- platform/x86: mxm-wmi: fix memleak in mxm_wmi_call_mx[ds|mx]() (git-fixes).\n- platform/x86: sony-laptop: Do not turn off 0x153 keyboard backlight during probe (git-fixes).\n- PM: hibernate: Fix mistake in kerneldoc comment (git-fixes).\n- PM: runtime: Do not call __rpm_callback() from rpm_idle() (git-fixes).\n- PNP: fix name memory leak in pnp_alloc_dev() (git-fixes).\n- power: supply: ab8500: Fix error handling in ab8500_charger_init() (git-fixes).\n- power: supply: fix null pointer dereferencing in power_supply_get_battery_info (git-fixes).\n- power: supply: fix residue sysfs file in error handle route of __power_supply_register() (git-fixes).\n- power: supply: z2_battery: Fix possible memleak in z2_batt_probe() (git-fixes).\n- powerpc: export the CPU node count (bsc#1207016 ltc#201108).\n- powerpc: Take in account addition CPU node when building kexec FDT (bsc#1207016 ltc#201108).\n- powerpc/64: Init jump labels before parse_early_param() (bsc#1065729).\n- powerpc/pci: Fix get_phb_number() locking (bsc#1065729).\n- powerpc/perf: callchain validate kernel stack pointer bounds (bsc#1065729).\n- powerpc/powernv: add missing of_node_put (bsc#1065729).\n- powerpc/pseries: unregister VPA when hot unplugging a CPU (bsc#1205695 ltc#200603).\n- powerpc/pseries/eeh: use correct API for error log size (bsc#1065729).\n- powerpc/rtas: avoid device tree lookups in rtas_os_term() (bsc#1065729).\n- powerpc/rtas: avoid scheduling in rtas_os_term() (bsc#1065729).\n- powerpc/xive: add missing iounmap() in error path in xive_spapr_populate_irq_data() (git-fixes).\n- powerpc/xive/spapr: correct bitmap allocation size (git-fixes).\n- proc: fixup uptime selftest (git-fixes).\n- pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP (git-fixes).\n- pstore: Make sure CONFIG_PSTORE_PMSG selects CONFIG_RT_MUTEXES (git-fixes).\n- pstore: Properly assign mem_type property (git-fixes).\n- pstore: Switch pmsg_lock to an rt_mutex to avoid priority inversion (git-fixes).\n- pstore/ram: Fix error return code in ramoops_probe() (git-fixes).\n- pstore/zone: Use GFP_ATOMIC to allocate zone buffer (git-fixes).\n- pwm: lpc18xx-sct: Fix a comment to match code (git-fixes).\n- pwm: mediatek: always use bus clock for PWM on MT7622 (git-fixes).\n- pwm: sifive: Call pwm_sifive_update_clock() while mutex is held (git-fixes).\n- pwm: tegra: Improve required rate calculation (git-fixes).\n- r6040: Fix kmemleak in probe and remove (git-fixes).\n- random: allow partial reads if later user copies fail (bsc#1204911).\n- random: check for signals every PAGE_SIZE chunk of /dev/random (bsc#1204911).\n- random: convert to using fops->read_iter() (bsc#1204911).\n- random: convert to using fops->write_iter() (bsc#1204911).\n- random: remove outdated INT_MAX >> 6 check in urandom_read() (bsc#1204911).\n- random: zero buffer after reading entropy from userspace (bsc#1204911).\n- RDMA: Disable IB HW for UML (git-fixes)\n- RDMA/core: Fix order of nldev_exit call (git-fixes)\n- RDMA/core: Make sure 'ib_port' is valid when access sysfs node (git-fixes)\n- RDMA/efa: Add EFA 0xefa2 PCI ID (git-fixes)\n- RDMA/hfi: Decrease PCI device reference count in error path (git-fixes)\n- RDMA/hfi1: Fix error return code in parse_platform_config() (git-fixes)\n- RDMA/hns: Fix AH attr queried by query_qp (git-fixes)\n- RDMA/hns: Fix error code of CMD (git-fixes)\n- RDMA/hns: Fix ext_sge num error when post send (git-fixes)\n- RDMA/hns: fix memory leak in hns_roce_alloc_mr() (git-fixes)\n- RDMA/hns: Fix page size cap from firmware (git-fixes)\n- RDMA/hns: Fix PBL page MTR find (git-fixes)\n- RDMA/hns: Fix XRC caps on HIP08 (git-fixes)\n- RDMA/hns: Repacing 'dseg_len' by macros in fill_ext_sge_inl_data() (git-fixes)\n- RDMA/irdma: Do not request 2-level PBLEs for CQ alloc (git-fixes)\n- RDMA/irdma: Initialize net_type before checking it (git-fixes)\n- RDMA/irdma: Report the correct link speed (git-fixes)\n- RDMA/nldev: Add checks for nla_nest_start() in fill_stat_counter_qps() (git-fixes)\n- RDMA/nldev: Fix failure to send large messages (git-fixes)\n- RDMA/nldev: Return '-EAGAIN' if the cm_id isn't from expected port (git-fixes)\n- RDMA/restrack: Release MR restrack when delete (git-fixes)\n- RDMA/rxe: Fix NULL-ptr-deref in rxe_qp_do_cleanup() when socket create failed (git-fixes)\n- RDMA/siw: Fix immediate work request flush to completion queue (git-fixes)\n- RDMA/siw: Fix pointer cast warning (git-fixes)\n- RDMA/siw: Set defined status for work completion with undefined status (git-fixes)\n- RDMA/srp: Fix error return code in srp_parse_options() (git-fixes)\n- regulator: bd718x7: Drop unnecessary info print (git-fixes).\n- regulator: core: fix deadlock on regulator enable (git-fixes).\n- regulator: core: fix module refcount leak in set_supply() (git-fixes).\n- regulator: core: fix resource leak in regulator_register() (git-fixes).\n- regulator: core: fix unbalanced of node refcount in regulator_dev_lookup() (git-fixes).\n- regulator: core: fix use_count leakage when handling boot-on (git-fixes).\n- regulator: core: use kfree_const() to free space conditionally (git-fixes).\n- regulator: qcom-labibb: Fix missing of_node_put() in qcom_labibb_regulator_probe() (git-fixes).\n- regulator: qcom-rpmh: Fix PMR735a S3 regulator spec (git-fixes).\n- regulator: slg51000: Wait after asserting CS pin (git-fixes).\n- regulator: twl6030: fix get status of twl6032 regulators (git-fixes).\n- remoteproc: core: Do pm_relax when in RPROC_OFFLINE state (git-fixes).\n- remoteproc: qcom_q6v5_pas: detach power domains on remove (git-fixes).\n- remoteproc: qcom_q6v5_pas: disable wakeup on probe fail or remove (git-fixes).\n- remoteproc: qcom_q6v5_pas: Fix missing of_node_put() in adsp_alloc_memory_region() (git-fixes).\n- remoteproc: qcom: q6v5: Fix missing clk_disable_unprepare() in q6v5_wcss_qcs404_power_on() (git-fixes).\n- remoteproc: qcom: q6v5: Fix potential null-ptr-deref in q6v5_wcss_init_mmio() (git-fixes).\n- remoteproc: sysmon: fix memory leak in qcom_add_sysmon_subdev() (git-fixes).\n- rtc: cmos: fix build on non-ACPI platforms (git-fixes).\n- rtc: cmos: Fix event handler registration ordering issue (git-fixes).\n- rtc: cmos: Fix wake alarm breakage (git-fixes).\n- rtc: ds1347: fix value written to century register (git-fixes).\n- rtc: mxc_v2: Add missing clk_disable_unprepare() (git-fixes).\n- rtc: pcf85063: fix pcf85063_clkout_control (gut-fixes).\n- rtc: pcf85063: Fix reading alarm (git-fixes).\n- rtc: pic32: Move devm_rtc_allocate_device earlier in pic32_rtc_probe() (git-fixes).\n- rtc: rtc-cmos: Do not check ACPI_FADT_LOW_POWER_S0 (git-fixes).\n- rtc: snvs: Allow a time difference on clock register read (git-fixes).\n- rtc: st-lpc: Add missing clk_disable_unprepare in st_rtc_probe() (git-fixes).\n- sbitmap: fix lockup while swapping (bsc#1206602).\n- sched/core: Fix comparison in sched_group_cookie_match() (git-fixes)\n- sched/core: Fix the bug that task won't enqueue into core (git-fixes)\n- sched/topology: Remove redundant variable and fix incorrect (git-fixes)\n- sched/uclamp: Fix relationship between uclamp and migration (git-fixes)\n- sched/uclamp: Make task_fits_capacity() use util_fits_cpu() (git-fixes)\n- scsi: 3w-9xxx: Avoid disabling device if failing to enable it (git-fixes).\n- scsi: advansys: Fix kernel pointer leak (git-fixes).\n- scsi: aha152x: Fix aha152x_setup() __setup handler return value (git-fixes).\n- scsi: bfa: Replace snprintf() with sysfs_emit() (git-fixes).\n- scsi: core: Fix sbitmap depth in scsi_realloc_sdev_budget_map() (git-fixes).\n- scsi: core: Fix scsi_mode_sense() buffer length handling (git-fixes).\n- scsi: core: Reallocate device's budget map on queue depth change (git-fixes).\n- scsi: core: Restrict legal sdev_state transitions via sysfs (git-fixes).\n- scsi: hisi_sas: Free irq vectors in order for v3 HW (git-fixes).\n- scsi: hisi_sas: Limit max hw sectors for v3 HW (git-fixes).\n- scsi: hisi_sas: Use managed PCI functions (git-fixes).\n- scsi: ipr: Fix missing/incorrect resource cleanup in error case (git-fixes).\n- scsi: iscsi: Add recv workqueue helpers (git-fixes).\n- scsi: iscsi: Fix harmless double shift bug (git-fixes).\n- scsi: iscsi: Fix possible memory leak when device_register() failed (git-fixes).\n- scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername() (git-fixes).\n- scsi: iscsi: kabi: add iscsi_conn_queue_work back (git-fixes).\n- scsi: iscsi: kabi: fix libiscsi new field (git-fixes).\n- scsi: iscsi: Merge suspend fields (git-fixes).\n- scsi: iscsi: Rename iscsi_conn_queue_work() (git-fixes).\n- scsi: iscsi: Run recv path from workqueue (git-fixes).\n- scsi: iscsi: Unblock session then wake up error handler (git-fixes).\n- scsi: libfc: Fix use after free in fc_exch_abts_resp() (git-fixes).\n- scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown() (git-fixes).\n- scsi: lpfc: Correct bandwidth logging during receipt of congestion sync WCQE (jsc#PED-1445).\n- scsi: lpfc: Fix crash involving race between FLOGI timeout and devloss handler (jsc#PED-1445).\n- scsi: lpfc: Fix MI capability display in cmf_info sysfs attribute (jsc#PED-1445).\n- scsi: lpfc: Fix WQ|CQ|EQ resource check (jsc#PED-1445).\n- scsi: lpfc: Remove linux/msi.h include (jsc#PED-1445).\n- scsi: lpfc: Remove redundant pointer 'lp' (jsc#PED-1445).\n- scsi: lpfc: Update lpfc version to 14.2.0.9 (jsc#PED-1445).\n- scsi: lpfc: Use memset_startat() helper (jsc#PED-1445).\n- scsi: megaraid_sas: Fix double kfree() (git-fixes).\n- scsi: megaraid_sas: Target with invalid LUN ID is deleted during scan (git-fixes).\n- scsi: megaraid: Fix error check return value of register_chrdev() (git-fixes).\n- scsi: mpi3mr: Fix memory leaks (git-fixes).\n- scsi: mpi3mr: Fix reporting of actual data transfer size (git-fixes).\n- scsi: mpi3mr: Fixes around reply request queues (git-fixes).\n- scsi: mpt3sas: Do not change DMA mask while reallocating pools (bsc#1206912,bsc#1206098).\n- scsi: mpt3sas: Fail reset operation if config request timed out (git-fixes).\n- scsi: mpt3sas: Fix out-of-bounds compiler warning (git-fixes).\n- scsi: mpt3sas: re-do lost mpt3sas DMA mask fix (bsc#1206912,bsc#1206098).\n- scsi: mpt3sas: Remove usage of dma_get_required_mask() API (bsc#1206912,bsc#1206098).\n- scsi: mvsas: Add PCI ID of RocketRaid 2640 (git-fixes).\n- scsi: mvsas: Replace snprintf() with sysfs_emit() (git-fixes).\n- scsi: myrb: Fix up null pointer access on myrb_cleanup() (git-fixes).\n- scsi: myrs: Fix crash in error case (git-fixes).\n- scsi: ncr53c8xx: Remove unused retrieve_from_waiting_list() function (git-fixes).\n- scsi: pm8001: Fix bogus FW crash for maxcpus=1 (git-fixes).\n- scsi: pm8001: Fix memory leak in pm8001_chip_fw_flash_update_req() (git-fixes).\n- scsi: pm8001: Fix pm8001_mpi_task_abort_resp() (git-fixes).\n- scsi: pm8001: Fix pm80xx_pci_mem_copy() interface (git-fixes).\n- scsi: pm8001: Fix tag leaks on error (git-fixes).\n- scsi: pm8001: Fix task leak in pm8001_send_abort_all() (git-fixes).\n- scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task (git-fixes).\n- scsi: pm8001: Fix use-after-free for aborted TMF sas_task (git-fixes).\n- scsi: pm80xx: Fix double completion for SATA devices (git-fixes).\n- scsi: pm80xx: Fix memory leak during rmmod (git-fixes).\n- scsi: pmcraid: Fix missing resource cleanup in error case (git-fixes).\n- scsi: qedf: Add stag_work to all the vports (git-fixes).\n- scsi: qedf: Change context reset messages to ratelimited (git-fixes).\n- scsi: qedf: Fix a UAF bug in __qedf_probe() (git-fixes).\n- scsi: qedf: Fix refcount issue when LOGO is received during TMF (git-fixes).\n- scsi: qla2xxx: Fix crash when I/O abort times out (jsc#PED-568).\n- scsi: qla2xxx: Fix set-but-not-used variable warnings (jsc#PED-568).\n- scsi: qla2xxx: Initialize vha->unknown_atio_[list, work] for NPIV hosts (jsc#PED-568).\n- scsi: qla2xxx: Remove duplicate of vha->iocb_work initialization (jsc#PED-568).\n- scsi: qla2xxx: Remove unused variable 'found_devs' (jsc#PED-568).\n- scsi: scsi_debug: Fix out-of-bound read in resp_readcap16() (git-fixes).\n- scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() (git-fixes).\n- scsi: scsi_debug: Fix possible UAF in sdebug_add_host_helper() (git-fixes).\n- scsi: scsi_debug: Make the READ CAPACITY response compliant with ZBC (git-fixes).\n- scsi: scsi_dh_alua: Properly handle the ALUA transitioning state (git-fixes).\n- scsi: smartpqi: Fix kdump issue when controller is locked up (git-fixes).\n- scsi: sr: Do not use GFP_DMA (git-fixes).\n- scsi: ufs: core: Fix ufshcd_probe_hba() prototype to match the definition (git-fixes).\n- scsi: ufs: Fix a kernel crash during shutdown (git-fixes).\n- scsi: ufs: Treat link loss as fatal error (git-fixes).\n- scsi: ufs: ufshcd-pltfrm: Check the return value of devm_kstrdup() (git-fixes).\n- scsi: ufs: Use generic error code in ufshcd_set_dev_pwr_mode() (git-fixes).\n- scsi: ufs: Use pm_runtime_resume_and_get() instead of pm_runtime_get_sync() (git-fixes).\n- scsi: vmw_pvscsi: Expand vcpuHint to 16 bits (git-fixes).\n- sctp: sysctl: make extra pointers netns aware (bsc#1204760).\n- selftests: devlink: fix the fd redirect in dummy_reporter_test (git-fixes).\n- selftests: set the BUILD variable to absolute path (git-fixes).\n- selftests: Use optional USERCFLAGS and USERLDFLAGS (git-fixes).\n- selftests/efivarfs: Add checking of the test return value (git-fixes).\n- selftests/ftrace: event_triggers: wait longer for test_event_enable (git-fixes).\n- selftests/powerpc: Fix resource leaks (git-fixes).\n- serial: 8250_bcm7271: Fix error handling in brcmuart_init() (git-fixes).\n- serial: amba-pl011: avoid SBSA UART accessing DMACR register (git-fixes).\n- serial: pch: Fix PCI device refcount leak in pch_request_dma() (git-fixes).\n- serial: pl011: Do not clear RX FIFO & RX interrupt in unthrottle (git-fixes).\n- serial: stm32: move dma_request_chan() before clk_prepare_enable() (git-fixes).\n- serial: sunsab: Fix error handling in sunsab_init() (git-fixes).\n- serial: tegra: Read DMA status before terminating (git-fixes).\n- soc: mediatek: pm-domains: Fix the power glitch issue (git-fixes).\n- soc: qcom: llcc: make irq truly optional (git-fixes).\n- soc: qcom: Select REMAP_MMIO for LLCC driver (git-fixes).\n- soc: ti: knav_qmss_queue: Fix PM disable depth imbalance in knav_queue_probe (git-fixes).\n- soc: ti: knav_qmss_queue: Use pm_runtime_resume_and_get instead of pm_runtime_get_sync (git-fixes).\n- soc: ti: smartreflex: Fix PM disable depth imbalance in omap_sr_probe (git-fixes).\n- soundwire: dmi-quirks: add quirk variant for LAPBC710 NUC15 (git-fixes).\n- spi: spi-gpio: Do not set MOSI as an input if not 3WIRE mode (git-fixes).\n- spi: spidev: mask SPI_CS_HIGH in SPI_IOC_RD_MODE (git-fixes).\n- spi: Update reference to struct spi_controller (git-fixes).\n- staging: media: tegra-video: fix chan->mipi value on error (git-fixes).\n- staging: media: tegra-video: fix device_node use after free (git-fixes).\n- staging: rtl8192e: Fix potential use-after-free in rtllib_rx_Monitor() (git-fixes).\n- staging: rtl8192u: Fix use after free in ieee80211_rx() (git-fixes).\n- string.h: Introduce memset_startat() for wiping trailing members and padding (jsc#PED-1445).\n- test_firmware: fix memory leak in test_firmware_init() (git-fixes).\n- thermal: core: fix some possible name leaks in error paths (git-fixes).\n- thermal: int340x: Add missing attribute for data rate base (git-fixes).\n- thermal/drivers/imx8mm_thermal: Validate temperature range (git-fixes).\n- thermal/drivers/qcom/temp-alarm: Fix inaccurate warning for gen2 (git-fixes).\n- tpm: acpi: Call acpi_put_table() to fix memory leak (git-fixes).\n- tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak (git-fixes).\n- tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak (git-fixes).\n- tpm/tpm_crb: Fix error message in __crb_relinquish_locality() (git-fixes).\n- tpm/tpm_ftpm_tee: Fix error handling in ftpm_mod_init() (git-fixes).\n- tracing/doc: Fix typos on the timerlat tracer documentation (git-fixes).\n- tty: serial: altera_uart_{r,t}x_chars() need only uart_port (git-fixes).\n- tty: serial: clean up stop-tx part in altera_uart_tx_chars() (git-fixes).\n- uio: uio_dmem_genirq: Fix deadlock between irq config and handling (git-fixes).\n- uio: uio_dmem_genirq: Fix missing unlock in irq configuration (git-fixes).\n- usb: cdnsp: fix lack of ZLP for ep0 (git-fixes).\n- usb: dwc3: core: defer probe on ulpi_read_id timeout (git-fixes).\n- usb: dwc3: fix PHY disable sequence (git-fixes).\n- usb: dwc3: Fix race between dwc3_set_mode and __dwc3_set_mode (git-fixes).\n- usb: dwc3: gadget: Disable GUSB2PHYCFG.SUSPHY for End Transfer (git-fixes).\n- usb: dwc3: pci: Update PCIe device ID for USB3 controller on CPU sub-system for Raptor Lake (git-fixes).\n- usb: dwc3: qcom: fix runtime PM wakeup (git-fixes).\n- usb: gadget: uvc: Prevent buffer overflow in setup handler (git-fixes).\n- usb: gadget: uvc: Rename bmInterfaceFlags -> bmInterlaceFlags (git-fixes).\n- usb: rndis_host: Secure rndis_query check against int overflow (git-fixes).\n- usb: roles: fix of node refcount leak in usb_role_switch_is_parent() (git-fixes).\n- usb: serial: cp210x: add Kamstrup RF sniffer PIDs (git-fixes).\n- usb: serial: f81232: fix division by zero on line-speed change (git-fixes).\n- usb: serial: f81534: fix division by zero on line-speed change (git-fixes).\n- usb: serial: option: add Quectel EM05-G modem (git-fixes).\n- usb: storage: Add check for kcalloc (git-fixes).\n- usb: typec: Check for ops->exit instead of ops->enter in altmode_exit (git-fixes).\n- usb: typec: Factor out non-PD fwnode properties (git-fixes).\n- usb: typec: tcpci: fix of node refcount leak in tcpci_register_port() (git-fixes).\n- usb: typec: tipd: Cleanup resources if devm_tps6598_psy_register fails (git-fixes).\n- usb: typec: tipd: Fix spurious fwnode_handle_put in error path (git-fixes).\n- usb: ulpi: defer ulpi_register on ulpi_read_id timeout (git-fixes).\n- usb: xhci-mtk: fix leakage of shared hcd when fail to set wakeup irq (git-fixes).\n- vdpa_sim: fix possible memory leak in vdpasim_net_init() and vdpasim_blk_init() (git-fixes).\n- vdpa_sim: fix vringh initialization in vdpasim_queue_ready() (git-fixes).\n- vfio: platform: Do not pass return buffer to ACPI _RST method (git-fixes).\n- vhost: fix range used in translate_desc() (git-fixes).\n- vhost/vsock: Fix error handling in vhost_vsock_init() (git-fixes).\n- vmxnet3: correctly report csum_level for encapsulated packet (git-fixes).\n- vringh: fix range used in iotlb_translate() (git-fixes).\n- vsock: Enable y2038 safe timeval for timeout (bsc#1206101).\n- vsock: Refactor vsock_*_getsockopt to resemble sock_getsockopt (bsc#1206101).\n- wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out (git-fixes).\n- wifi: ath10k: Fix return value in ath10k_pci_init() (git-fixes).\n- wifi: ath9k: hif_usb: fix memory leak of urbs in ath9k_hif_usb_dealloc_tx_urbs() (git-fixes).\n- wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb() (git-fixes).\n- wifi: ath9k: verify the expected usb_endpoints are present (git-fixes).\n- wifi: brcmfmac: Fix error return code in brcmf_sdio_download_firmware() (git-fixes).\n- wifi: brcmfmac: Fix potential shift-out-of-bounds in brcmf_fw_alloc_request() (git-fixes).\n- wifi: cfg80211: Fix not unregister reg_pdev when load_builtin_regdb_keys() fails (git-fixes).\n- wifi: iwlwifi: mvm: fix double free on tx path (git-fixes).\n- wifi: mac80211: fix memory leak in ieee80211_if_add() (git-fixes).\n- wifi: mt76: do not run mt76u_status_worker if the device is not running (git-fixes).\n- wifi: mt76: fix coverity overrun-call in mt76_get_txpower() (git-fixes).\n- wifi: rsi: Fix handling of 802.3 EAPOL frames sent via control port (git-fixes).\n- wifi: rtl8xxxu: Add __packed to struct rtl8723bu_c2h (git-fixes).\n- wifi: rtl8xxxu: Fix the channel width reporting (git-fixes).\n- wifi: rtl8xxxu: gen2: Turn on the rate control (git-fixes).\n- wifi: rtw89: fix physts IE page check (git-fixes).\n- wifi: rtw89: Fix some error handling path in rtw89_core_sta_assoc() (git-fixes).\n- wifi: rtw89: use u32_encode_bits() to fill MAC quota value (git-fixes).\n- wifi: wilc1000: sdio: fix module autoloading (git-fixes).\n- xfrm: Fix oops in __xfrm_state_delete() (bsc#1206794).\n- xhci: Apply XHCI_RESET_TO_DEFAULT quirk to ADL-N (git-fixes).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2023-147,SUSE-SLE-Micro-5.3-2023-147,SUSE-SLE-Module-Live-Patching-15-SP4-2023-147,SUSE-SLE-Module-RT-15-SP4-2023-147,openSUSE-Leap-Micro-5.3-2023-147,openSUSE-SLE-15.4-2023-147", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_0147-1.json", }, { category: "self", summary: "URL for SUSE-SU-2023:0147-1", url: "https://www.suse.com/support/update/announcement/2023/suse-su-20230147-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2023:0147-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-January/013528.html", }, { category: "self", summary: "SUSE Bug 1065729", url: "https://bugzilla.suse.com/1065729", }, { category: "self", summary: "SUSE Bug 1187428", url: "https://bugzilla.suse.com/1187428", }, { category: "self", summary: "SUSE Bug 1188605", url: "https://bugzilla.suse.com/1188605", }, { category: "self", summary: "SUSE Bug 1191259", url: "https://bugzilla.suse.com/1191259", }, { category: "self", summary: "SUSE Bug 1193629", url: "https://bugzilla.suse.com/1193629", }, { category: "self", summary: "SUSE Bug 1199294", url: "https://bugzilla.suse.com/1199294", }, { category: "self", summary: "SUSE Bug 1201068", url: "https://bugzilla.suse.com/1201068", }, { category: "self", summary: "SUSE Bug 1203219", url: "https://bugzilla.suse.com/1203219", }, { category: "self", summary: "SUSE Bug 1203740", url: "https://bugzilla.suse.com/1203740", }, { category: "self", summary: "SUSE Bug 1204614", url: "https://bugzilla.suse.com/1204614", }, { category: "self", summary: "SUSE Bug 1204652", url: "https://bugzilla.suse.com/1204652", }, { category: "self", summary: "SUSE Bug 1204760", url: "https://bugzilla.suse.com/1204760", }, { category: "self", summary: "SUSE Bug 1204911", url: "https://bugzilla.suse.com/1204911", }, { category: "self", summary: "SUSE Bug 1204989", url: "https://bugzilla.suse.com/1204989", }, { category: "self", summary: "SUSE Bug 1205263", url: "https://bugzilla.suse.com/1205263", }, { category: "self", summary: "SUSE Bug 1205485", url: "https://bugzilla.suse.com/1205485", }, { category: "self", summary: "SUSE Bug 1205601", url: "https://bugzilla.suse.com/1205601", }, { category: "self", summary: "SUSE Bug 1205695", url: "https://bugzilla.suse.com/1205695", }, { category: "self", summary: "SUSE Bug 1206073", url: "https://bugzilla.suse.com/1206073", }, { category: "self", summary: "SUSE Bug 1206098", url: "https://bugzilla.suse.com/1206098", }, { category: "self", summary: "SUSE Bug 1206101", url: "https://bugzilla.suse.com/1206101", }, { category: "self", summary: "SUSE Bug 1206188", url: "https://bugzilla.suse.com/1206188", }, { category: "self", summary: "SUSE Bug 1206209", url: "https://bugzilla.suse.com/1206209", }, { category: "self", summary: "SUSE Bug 1206344", url: "https://bugzilla.suse.com/1206344", }, { category: "self", summary: "SUSE Bug 1206389", url: "https://bugzilla.suse.com/1206389", }, { category: "self", summary: "SUSE Bug 1206390", url: "https://bugzilla.suse.com/1206390", }, { category: "self", summary: "SUSE Bug 1206393", url: "https://bugzilla.suse.com/1206393", }, { category: "self", summary: "SUSE Bug 1206394", url: "https://bugzilla.suse.com/1206394", }, { category: "self", summary: "SUSE Bug 1206395", url: "https://bugzilla.suse.com/1206395", }, { category: "self", summary: "SUSE Bug 1206396", url: "https://bugzilla.suse.com/1206396", }, { category: "self", summary: "SUSE Bug 1206397", url: "https://bugzilla.suse.com/1206397", }, { category: "self", summary: "SUSE Bug 1206398", url: "https://bugzilla.suse.com/1206398", }, { category: "self", summary: "SUSE Bug 1206399", url: "https://bugzilla.suse.com/1206399", }, { category: "self", summary: "SUSE Bug 1206456", url: "https://bugzilla.suse.com/1206456", }, { category: "self", summary: "SUSE Bug 1206468", url: "https://bugzilla.suse.com/1206468", }, { category: "self", summary: "SUSE Bug 1206515", url: "https://bugzilla.suse.com/1206515", }, { category: "self", summary: "SUSE Bug 1206536", url: "https://bugzilla.suse.com/1206536", }, { category: "self", summary: "SUSE Bug 1206554", url: "https://bugzilla.suse.com/1206554", }, { category: "self", summary: "SUSE Bug 1206602", url: "https://bugzilla.suse.com/1206602", }, { category: "self", summary: "SUSE Bug 1206619", url: "https://bugzilla.suse.com/1206619", }, { category: "self", summary: "SUSE Bug 1206664", url: "https://bugzilla.suse.com/1206664", }, { category: "self", summary: "SUSE Bug 1206703", url: "https://bugzilla.suse.com/1206703", }, { category: "self", summary: "SUSE Bug 1206794", url: "https://bugzilla.suse.com/1206794", }, { category: "self", summary: "SUSE Bug 1206896", url: "https://bugzilla.suse.com/1206896", }, { category: "self", summary: "SUSE Bug 1206912", url: "https://bugzilla.suse.com/1206912", }, { category: "self", summary: "SUSE Bug 1207016", url: "https://bugzilla.suse.com/1207016", }, { category: "self", summary: "SUSE CVE CVE-2022-3104 page", url: "https://www.suse.com/security/cve/CVE-2022-3104/", }, { category: "self", summary: "SUSE CVE CVE-2022-3105 page", url: "https://www.suse.com/security/cve/CVE-2022-3105/", }, { category: "self", summary: "SUSE CVE CVE-2022-3106 page", url: "https://www.suse.com/security/cve/CVE-2022-3106/", }, { category: "self", summary: "SUSE CVE CVE-2022-3107 page", url: "https://www.suse.com/security/cve/CVE-2022-3107/", }, { category: "self", summary: "SUSE CVE CVE-2022-3108 page", url: "https://www.suse.com/security/cve/CVE-2022-3108/", }, { category: "self", summary: "SUSE CVE CVE-2022-3111 page", url: "https://www.suse.com/security/cve/CVE-2022-3111/", }, { category: "self", summary: "SUSE CVE CVE-2022-3112 page", url: "https://www.suse.com/security/cve/CVE-2022-3112/", }, { category: "self", summary: "SUSE CVE CVE-2022-3113 page", url: "https://www.suse.com/security/cve/CVE-2022-3113/", }, { category: "self", summary: "SUSE CVE CVE-2022-3115 page", url: "https://www.suse.com/security/cve/CVE-2022-3115/", }, { category: "self", summary: "SUSE CVE CVE-2022-3344 page", url: "https://www.suse.com/security/cve/CVE-2022-3344/", }, { category: "self", summary: "SUSE CVE CVE-2022-3564 page", url: "https://www.suse.com/security/cve/CVE-2022-3564/", }, { category: "self", summary: "SUSE CVE CVE-2022-4379 page", url: "https://www.suse.com/security/cve/CVE-2022-4379/", }, { category: "self", summary: "SUSE CVE CVE-2022-4662 page", url: "https://www.suse.com/security/cve/CVE-2022-4662/", }, { category: "self", summary: "SUSE CVE CVE-2022-47520 page", url: "https://www.suse.com/security/cve/CVE-2022-47520/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2023-01-26T08:24:17Z", generator: { date: "2023-01-26T08:24:17Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2023:0147-1", initial_release_date: "2023-01-26T08:24:17Z", revision_history: [ { date: "2023-01-26T08:24:17Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-devel-rt-5.14.21-150400.15.8.1.noarch", product: { name: "kernel-devel-rt-5.14.21-150400.15.8.1.noarch", product_id: "kernel-devel-rt-5.14.21-150400.15.8.1.noarch", }, }, { category: "product_version", name: "kernel-source-rt-5.14.21-150400.15.8.1.noarch", product: { name: "kernel-source-rt-5.14.21-150400.15.8.1.noarch", product_id: "kernel-source-rt-5.14.21-150400.15.8.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", product: { name: "cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", product_id: "cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", product: { name: "dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", product_id: "dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", product: { name: "gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", product_id: "gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", }, }, { category: "product_version", name: "kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", product: { name: "kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", product_id: "kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-5.14.21-150400.15.8.1.x86_64", product: { name: "kernel-rt-5.14.21-150400.15.8.1.x86_64", product_id: "kernel-rt-5.14.21-150400.15.8.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", product: { name: "kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", product_id: "kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-extra-5.14.21-150400.15.8.1.x86_64", product: { name: "kernel-rt-extra-5.14.21-150400.15.8.1.x86_64", product_id: "kernel-rt-extra-5.14.21-150400.15.8.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-livepatch-5.14.21-150400.15.8.1.x86_64", product: { name: "kernel-rt-livepatch-5.14.21-150400.15.8.1.x86_64", product_id: "kernel-rt-livepatch-5.14.21-150400.15.8.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-livepatch-devel-5.14.21-150400.15.8.1.x86_64", product: { name: "kernel-rt-livepatch-devel-5.14.21-150400.15.8.1.x86_64", product_id: "kernel-rt-livepatch-devel-5.14.21-150400.15.8.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-optional-5.14.21-150400.15.8.1.x86_64", product: { name: "kernel-rt-optional-5.14.21-150400.15.8.1.x86_64", product_id: "kernel-rt-optional-5.14.21-150400.15.8.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", product: { name: "kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", product_id: "kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", product: { name: "kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", product_id: "kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-livepatch-devel-5.14.21-150400.15.8.1.x86_64", product: { name: "kernel-rt_debug-livepatch-devel-5.14.21-150400.15.8.1.x86_64", product_id: "kernel-rt_debug-livepatch-devel-5.14.21-150400.15.8.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", product: { name: "kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", product_id: "kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-rt-5.14.21-150400.15.8.1.x86_64", product: { name: "kselftests-kmp-rt-5.14.21-150400.15.8.1.x86_64", product_id: "kselftests-kmp-rt-5.14.21-150400.15.8.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", product: { name: "ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", product_id: "ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", }, }, { category: "product_version", name: "reiserfs-kmp-rt-5.14.21-150400.15.8.1.x86_64", product: { name: "reiserfs-kmp-rt-5.14.21-150400.15.8.1.x86_64", product_id: "reiserfs-kmp-rt-5.14.21-150400.15.8.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Micro 5.3", product: { name: "SUSE Linux Enterprise Micro 5.3", product_id: "SUSE Linux Enterprise Micro 5.3", product_identification_helper: { cpe: "cpe:/o:suse:sle-micro:5.3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Live Patching 15 SP4", product: { name: "SUSE Linux Enterprise Live Patching 15 SP4", product_id: "SUSE Linux Enterprise Live Patching 15 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-live-patching:15:sp4", }, }, }, { category: "product_name", name: "SUSE Real Time Module 15 SP4", product: { name: "SUSE Real Time Module 15 SP4", product_id: "SUSE Real Time Module 15 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-rt:15:sp4", }, }, }, { category: "product_name", name: "openSUSE Leap Micro 5.3", product: { name: "openSUSE Leap Micro 5.3", product_id: "openSUSE Leap Micro 5.3", product_identification_helper: { cpe: "cpe:/o:opensuse:leap-micro:5.3", }, }, }, { category: "product_name", name: "openSUSE Leap 15.4", product: { name: "openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.4", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-rt-5.14.21-150400.15.8.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3", product_id: "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", }, product_reference: "kernel-rt-5.14.21-150400.15.8.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP4", product_id: "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", }, product_reference: "kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP4", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64 as component of SUSE Real Time Module 15 SP4", product_id: "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", }, product_reference: "cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64 as component of SUSE Real Time Module 15 SP4", product_id: "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", }, product_reference: "dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64 as component of SUSE Real Time Module 15 SP4", product_id: "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", }, product_reference: "gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-rt-5.14.21-150400.15.8.1.noarch as component of SUSE Real Time Module 15 SP4", product_id: "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", }, product_reference: "kernel-devel-rt-5.14.21-150400.15.8.1.noarch", relates_to_product_reference: "SUSE Real Time Module 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-5.14.21-150400.15.8.1.x86_64 as component of SUSE Real Time Module 15 SP4", product_id: "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", }, product_reference: "kernel-rt-5.14.21-150400.15.8.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-devel-5.14.21-150400.15.8.1.x86_64 as component of SUSE Real Time Module 15 SP4", product_id: "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", }, product_reference: "kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-rt_debug-5.14.21-150400.15.8.1.x86_64 as component of SUSE Real Time Module 15 SP4", product_id: "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", }, product_reference: "kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64 as component of SUSE Real Time Module 15 SP4", product_id: "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", }, product_reference: "kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-rt-5.14.21-150400.15.8.1.noarch as component of SUSE Real Time Module 15 SP4", product_id: "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", }, product_reference: "kernel-source-rt-5.14.21-150400.15.8.1.noarch", relates_to_product_reference: "SUSE Real Time Module 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-rt-5.14.21-150400.15.8.1.x86_64 as component of SUSE Real Time Module 15 SP4", product_id: "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", }, product_reference: "kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64 as component of SUSE Real Time Module 15 SP4", product_id: "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", }, product_reference: "ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-5.14.21-150400.15.8.1.x86_64 as component of openSUSE Leap Micro 5.3", product_id: "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", }, product_reference: "kernel-rt-5.14.21-150400.15.8.1.x86_64", relates_to_product_reference: "openSUSE Leap Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", }, product_reference: "cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", }, product_reference: "dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", }, product_reference: "gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-rt-5.14.21-150400.15.8.1.noarch as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", }, product_reference: "kernel-devel-rt-5.14.21-150400.15.8.1.noarch", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-5.14.21-150400.15.8.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", }, product_reference: "kernel-rt-5.14.21-150400.15.8.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-devel-5.14.21-150400.15.8.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", }, product_reference: "kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-rt_debug-5.14.21-150400.15.8.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", }, product_reference: "kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", }, product_reference: "kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-rt-5.14.21-150400.15.8.1.noarch as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", }, product_reference: "kernel-source-rt-5.14.21-150400.15.8.1.noarch", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-rt-5.14.21-150400.15.8.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", }, product_reference: "kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", }, product_reference: "ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, ], }, vulnerabilities: [ { cve: "CVE-2022-3104", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3104", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3104", url: "https://www.suse.com/security/cve/CVE-2022-3104", }, { category: "external", summary: "SUSE Bug 1206396 for CVE-2022-3104", url: "https://bugzilla.suse.com/1206396", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T08:24:17Z", details: "moderate", }, ], title: "CVE-2022-3104", }, { cve: "CVE-2022-3105", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3105", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 5.16-rc6. uapi_finalize in drivers/infiniband/core/uverbs_uapi.c lacks check of kmalloc_array().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3105", url: "https://www.suse.com/security/cve/CVE-2022-3105", }, { category: "external", summary: "SUSE Bug 1206398 for CVE-2022-3105", url: "https://bugzilla.suse.com/1206398", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T08:24:17Z", details: "moderate", }, ], title: "CVE-2022-3105", }, { cve: "CVE-2022-3106", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3106", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 5.16-rc6. ef100_update_stats in drivers/net/ethernet/sfc/ef100_nic.c lacks check of the return value of kmalloc().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3106", url: "https://www.suse.com/security/cve/CVE-2022-3106", }, { category: "external", summary: "SUSE Bug 1206397 for CVE-2022-3106", url: "https://bugzilla.suse.com/1206397", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T08:24:17Z", details: "moderate", }, ], title: "CVE-2022-3106", }, { cve: "CVE-2022-3107", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3107", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 5.16-rc6. netvsc_get_ethtool_stats in drivers/net/hyperv/netvsc_drv.c lacks check of the return value of kvmalloc_array() and will cause the null pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3107", url: "https://www.suse.com/security/cve/CVE-2022-3107", }, { category: "external", summary: "SUSE Bug 1206395 for CVE-2022-3107", url: "https://bugzilla.suse.com/1206395", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T08:24:17Z", details: "moderate", }, ], title: "CVE-2022-3107", }, { cve: "CVE-2022-3108", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3108", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdup().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3108", url: "https://www.suse.com/security/cve/CVE-2022-3108", }, { category: "external", summary: "SUSE Bug 1206389 for CVE-2022-3108", url: "https://bugzilla.suse.com/1206389", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T08:24:17Z", details: "moderate", }, ], title: "CVE-2022-3108", }, { cve: "CVE-2022-3111", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3111", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3111", url: "https://www.suse.com/security/cve/CVE-2022-3111", }, { category: "external", summary: "SUSE Bug 1206394 for CVE-2022-3111", url: "https://bugzilla.suse.com/1206394", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T08:24:17Z", details: "moderate", }, ], title: "CVE-2022-3111", }, { cve: "CVE-2022-3112", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3112", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 5.16-rc6. amvdec_set_canvases in drivers/staging/media/meson/vdec/vdec_helpers.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3112", url: "https://www.suse.com/security/cve/CVE-2022-3112", }, { category: "external", summary: "SUSE Bug 1206399 for CVE-2022-3112", url: "https://bugzilla.suse.com/1206399", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T08:24:17Z", details: "moderate", }, ], title: "CVE-2022-3112", }, { cve: "CVE-2022-3113", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3113", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 5.16-rc6. mtk_vcodec_fw_vpu_init in drivers/media/platform/mtk-vcodec/mtk_vcodec_fw_vpu.c lacks check of the return value of devm_kzalloc() and will cause the null pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3113", url: "https://www.suse.com/security/cve/CVE-2022-3113", }, { category: "external", summary: "SUSE Bug 1206390 for CVE-2022-3113", url: "https://bugzilla.suse.com/1206390", }, { category: "external", summary: "SUSE Bug 1227890 for CVE-2022-3113", url: "https://bugzilla.suse.com/1227890", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T08:24:17Z", details: "moderate", }, ], title: "CVE-2022-3113", }, { cve: "CVE-2022-3115", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3115", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3115", url: "https://www.suse.com/security/cve/CVE-2022-3115", }, { category: "external", summary: "SUSE Bug 1206393 for CVE-2022-3115", url: "https://bugzilla.suse.com/1206393", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T08:24:17Z", details: "moderate", }, ], title: "CVE-2022-3115", }, { cve: "CVE-2022-3344", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3344", }, ], notes: [ { category: "general", text: "A flaw was found in the KVM's AMD nested virtualization (SVM). A malicious L1 guest could purposely fail to intercept the shutdown of a cooperative nested guest (L2), possibly leading to a page fault and kernel panic in the host (L0).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3344", url: "https://www.suse.com/security/cve/CVE-2022-3344", }, { category: "external", summary: "SUSE Bug 1204652 for CVE-2022-3344", url: "https://bugzilla.suse.com/1204652", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T08:24:17Z", details: "moderate", }, ], title: "CVE-2022-3344", }, { cve: "CVE-2022-3564", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3564", }, ], notes: [ { category: "general", text: "A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3564", url: "https://www.suse.com/security/cve/CVE-2022-3564", }, { category: "external", summary: "SUSE Bug 1206073 for CVE-2022-3564", url: "https://bugzilla.suse.com/1206073", }, { category: "external", summary: "SUSE Bug 1206314 for CVE-2022-3564", url: "https://bugzilla.suse.com/1206314", }, { category: "external", summary: "SUSE Bug 1208030 for CVE-2022-3564", url: "https://bugzilla.suse.com/1208030", }, { category: "external", summary: "SUSE Bug 1208044 for CVE-2022-3564", url: "https://bugzilla.suse.com/1208044", }, { category: "external", summary: "SUSE Bug 1208085 for CVE-2022-3564", url: "https://bugzilla.suse.com/1208085", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T08:24:17Z", details: "important", }, ], title: "CVE-2022-3564", }, { cve: "CVE-2022-4379", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-4379", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-4379", url: "https://www.suse.com/security/cve/CVE-2022-4379", }, { category: "external", summary: "SUSE Bug 1206209 for CVE-2022-4379", url: "https://bugzilla.suse.com/1206209", }, { category: "external", summary: "SUSE Bug 1206373 for CVE-2022-4379", url: "https://bugzilla.suse.com/1206373", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T08:24:17Z", details: "important", }, ], title: "CVE-2022-4379", }, { cve: "CVE-2022-4662", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-4662", }, ], notes: [ { category: "general", text: "A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-4662", url: "https://www.suse.com/security/cve/CVE-2022-4662", }, { category: "external", summary: "SUSE Bug 1206664 for CVE-2022-4662", url: "https://bugzilla.suse.com/1206664", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T08:24:17Z", details: "moderate", }, ], title: "CVE-2022-4662", }, { cve: "CVE-2022-47520", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-47520", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-47520", url: "https://www.suse.com/security/cve/CVE-2022-47520", }, { category: "external", summary: "SUSE Bug 1206515 for CVE-2022-47520", url: "https://bugzilla.suse.com/1206515", }, { category: "external", summary: "SUSE Bug 1207823 for CVE-2022-47520", url: "https://bugzilla.suse.com/1207823", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_8-rt-1-150400.1.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.8.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.8.1.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T08:24:17Z", details: "important", }, ], title: "CVE-2022-47520", }, ], }
suse-su-2023:0149-1
Vulnerability from csaf_suse
Published
2023-01-26 09:18
Modified
2023-01-26 09:18
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2022-3344: Fixed a bug where nested shutdown interception could lead to host crash (bsc#1204652)
- CVE-2022-4662: Fixed a recursive locking violation in usb-storage that can cause the kernel to deadlock. (bsc#1206664)
- CVE-2022-3115: Fixed a null pointer dereference in malidp_crtc.c caused by a lack of checks of the return value of kzalloc. (bsc#1206393)
- CVE-2022-47520: Fixed an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet. (bsc#1206515)
- CVE-2022-3112: Fixed a null pointer dereference caused by lacks check of the return value of kzalloc() in vdec_helpers.c:amvdec_set_canvases. (bsc#1206399)
- CVE-2022-3564: Fixed a bug which could lead to use after free, it was found in the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. (bsc#1206073)
- CVE-2022-4379: Fixed a use-after-free vulnerability in nfs4file.c:__nfs42_ssc_open. (bsc#1206209)
- CVE-2022-3108: Fixed a bug in kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c where a lack of check of the return value of kmemdup() could lead to a NULL pointer dereference. (bsc#1206389)
- CVE-2022-3104: Fixed a null pointer dereference caused by caused by a missing check of the return value of kzalloc() in bugs.c:lkdtm_ARRAY_BOUNDS. (bsc#1206396)
- CVE-2022-3113: Fixed a null pointer dereference caused by a missing check of the return value of devm_kzalloc. (bsc#1206390)
- CVE-2022-3107: Fixed a null pointer dereference caused by a missing check of the return value of kvmalloc_array. (bsc#1206395)
- CVE-2022-3114: Fixed a null pointer dereference caused by a missing check of the return value of kcalloc. (bsc#1206391)
- CVE-2022-3111: Fixed a missing release of resource after effective lifetime bug caused by a missing free of the WM8350_IRQ_CHG_FAST_RDY in wm8350_init_charger. (bsc#1206394)
- CVE-2022-3105: Fixed a null pointer dereference caused by a missing check of the return value of kmalloc_array. (bsc#1206398)
- CVE-2022-3106: Fixed a null pointer dereference caused by a missing check of the return value of kmalloc. (bsc#1206397)
The following non-security bugs were fixed:
- acct: fix potential integer overflow in encode_comp_t() (git-fixes).
- ACPI: resource: Skip IRQ override on Asus Vivobook K3402ZA/K3502ZA (git-fixes).
- ACPICA: Fix error code path in acpi_ds_call_control_method() (git-fixes).
- ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage() (git-fixes).
- ALSA: asihpi: fix missing pci_disable_device() (git-fixes).
- ALSA: hda/hdmi: Add HP Device 0x8711 to force connect list (git-fixes).
- ALSA: hda/realtek: Add quirk for Lenovo TianYi510Pro-14IOB (git-fixes).
- ALSA: hda/realtek: Apply dual codec fixup for Dell Latitude laptops (git-fixes).
- ALSA: line6: correct midi status byte when receiving data from podxt (git-fixes).
- ALSA: line6: fix stack overflow in line6_midi_transmit (git-fixes).
- ALSA: mts64: fix possible null-ptr-defer in snd_mts64_interrupt (git-fixes).
- ALSA: patch_realtek: Fix Dell Inspiron Plus 16 (git-fixes).
- ALSA: pcm: fix undefined behavior in bit shift for SNDRV_PCM_RATE_KNOT (git-fixes).
- ALSA: pcm: Set missing stop_operating flag at undoing trigger start (git-fixes).
- ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event (git-fixes).
- ALSA: seq: fix undefined behavior in bit shift for SNDRV_SEQ_FILTER_USE_EVENT (git-fixes).
- ALSA: usb-audio: add the quirk for KT0206 device (git-fixes).
- amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table() (git-fixes).
- apparmor: fix a memleak in multi_transaction_new() (git-fixes).
- apparmor: Fix abi check to include v8 abi (git-fixes).
- apparmor: fix lockdep warning when removing a namespace (git-fixes).
- apparmor: Fix memleak in alloc_ns() (git-fixes).
- apparmor: Use pointer to struct aa_label for lbs_cred (git-fixes).
- ARM: 9251/1: perf: Fix stacktraces for tracepoint events in THUMB2 kernels (git-fixes).
- ARM: 9256/1: NWFPE: avoid compiler-generated __aeabi_uldivmod (git-fixes).
- ARM: dts: armada-370: Fix assigned-addresses for every PCIe Root Port (git-fixes).
- ARM: dts: armada-375: Fix assigned-addresses for every PCIe Root Port (git-fixes).
- ARM: dts: armada-38x: Fix assigned-addresses for every PCIe Root Port (git-fixes).
- ARM: dts: armada-38x: Fix compatible string for gpios (git-fixes).
- ARM: dts: armada-39x: Fix assigned-addresses for every PCIe Root Port (git-fixes).
- ARM: dts: armada-39x: Fix compatible string for gpios (git-fixes).
- ARM: dts: armada-xp: Fix assigned-addresses for every PCIe Root Port (git-fixes).
- ARM: dts: dove: Fix assigned-addresses for every PCIe Root Port (git-fixes).
- ARM: dts: nuvoton: Remove bogus unit addresses from fixed-partition nodes (git-fixes).
- ARM: dts: qcom: apq8064: fix coresight compatible (git-fixes).
- ARM: dts: rockchip: disable arm_global_timer on rk3066 and rk3188 (git-fixes).
- ARM: dts: rockchip: fix ir-receiver node names (git-fixes).
- ARM: dts: rockchip: fix node name for hym8563 rtc (git-fixes).
- ARM: dts: rockchip: remove clock-frequency from rtc (git-fixes).
- ARM: dts: rockchip: rk3188: fix lcdc1-rgb24 node name (git-fixes).
- ARM: dts: spear600: Fix clcd interrupt (git-fixes).
- ARM: dts: stm32: Drop stm32mp15xc.dtsi from Avenger96 (git-fixes).
- ARM: dts: stm32: Fix AV96 WLAN regulator gpio property (git-fixes).
- ARM: dts: turris-omnia: Add ethernet aliases (git-fixes).
- ARM: dts: turris-omnia: Add switch port 6 node (git-fixes).
- ARM: mmp: fix timer_read delay (git-fixes).
- ARM: ux500: do not directly dereference __iomem (git-fixes).
- arm64: Avoid repeated AA64MMFR1_EL1 register read on pagefault path (performance bsc#1203219).
- arm64: dts: armada-3720-turris-mox: Add missing interrupt for RTC (git-fixes).
- arm64: dts: mediatek: mt6797: Fix 26M oscillator unit name (git-fixes).
- arm64: dts: mediatek: pumpkin-common: Fix devicetree warnings (git-fixes).
- arm64: dts: mt2712-evb: Fix usb vbus regulators unit names (git-fixes).
- arm64: dts: mt2712-evb: Fix vproc fixed regulators unit names (git-fixes).
- arm64: dts: mt2712e: Fix unit address for pinctrl node (git-fixes).
- arm64: dts: mt2712e: Fix unit_address_vs_reg warning for oscillators (git-fixes).
- arm64: dts: mt6779: Fix devicetree build warnings (git-fixes).
- arm64: dts: mt7622: drop r_smpl property from mmc node (git-fixes).
- arm64: dts: mt8183: drop drv-type from mmc-node (git-fixes).
- arm64: dts: mt8183: Fix Mali GPU clock (git-fixes).
- arm64: dts: qcom: ipq6018-cp01-c1: use BLSPI1 pins (git-fixes).
- arm64: dts: qcom: msm8916: Drop MSS fallback compatible (git-fixes).
- arm64: dts: qcom: msm8996: Add MSM8996 Pro support (git-fixes).
- arm64: dts: qcom: msm8996: fix GPU OPP table (git-fixes).
- arm64: dts: qcom: msm8996: fix supported-hw in cpufreq OPP tables (git-fixes).
- arm64: dts: qcom: sdm630: fix UART1 pin bias (git-fixes).
- arm64: dts: qcom: sdm845-cheza: fix AP suspend pin bias (git-fixes).
- arm64: dts: qcom: sdm845-db845c: correct SPI2 pins drive strength (git-fixes).
- arm64: dts: qcom: sdm850-lenovo-yoga-c630: correct I2C12 pins drive strength (git-fixes).
- arm64: dts: qcom: sm8250-sony-xperia-edo: fix touchscreen bias-disable (git-fixes).
- arm64: dts: qcom: sm8250: correct LPASS pin pull down (git-fixes).
- arm64: dts: qcom: sm8250: drop bogus DP PHY clock (git-fixes).
- arm64: dts: qcom: sm8250: fix USB-DP PHY registers (git-fixes).
- arm64: dts: rockchip: fix ir-receiver node names (git-fixes).
- arm64: dts: rockchip: keep I2S1 disabled for GPIO function on ROCK Pi 4 series (git-fixes).
- arm64: dts: ti: k3-am65-main: Drop dma-coherent in crypto node (git-fixes).
- arm64: dts: ti: k3-j721e-main: Drop dma-coherent in crypto node (git-fixes).
- ASoC: audio-graph-card: fix refcount leak of cpu_ep in __graph_for_each_link() (git-fixes).
- ASoC: codecs: rt298: Add quirk for KBL-R RVP platform (git-fixes).
- ASoC: cs42l51: Correct PGA Volume minimum value (git-fixes).
- ASoC: dt-bindings: wcd9335: fix reset line polarity in example (git-fixes).
- ASoC: fsl_micfil: explicitly clear CHnF flags (git-fixes).
- ASoC: fsl_micfil: explicitly clear software reset bit (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add quirk for the Advantech MICA-071 tablet (git-fixes).
- ASoC: jz4740-i2s: Handle independent FIFO flush bits (git-fixes).
- ASoC: mediatek: mt8173-rt5650-rt5514: fix refcount leak in mt8173_rt5650_rt5514_dev_probe() (git-fixes).
- ASoC: mediatek: mt8173: Enable IRQ when pdata is ready (git-fixes).
- ASoC: mediatek: mt8183: fix refcount leak in mt8183_mt6358_ts3a227_max98357_dev_probe() (git-fixes).
- ASoC: mediatek: mtk-btcvsd: Add checks for write and read of mtk_btcvsd_snd (git-fixes).
- ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx() (git-fixes).
- ASoC: ops: Correct bounds check for second channel on SX controls (git-fixes).
- ASoC: pcm512x: Fix PM disable depth imbalance in pcm512x_probe (git-fixes).
- ASoC: pxa: fix null-pointer dereference in filter() (git-fixes).
- ASoC: qcom: Add checks for devm_kcalloc (git-fixes).
- ASoC: rockchip: pdm: Add missing clk_disable_unprepare() in rockchip_pdm_runtime_resume() (git-fixes).
- ASoC: rockchip: spdif: Add missing clk_disable_unprepare() in rk_spdif_runtime_resume() (git-fixes).
- ASoC: rt5670: Remove unbalanced pm_runtime_put() (git-fixes).
- ASoC: rt711-sdca: fix the latency time of clock stop prepare state machine transitions (git-fixes).
- ASoC: soc-pcm: Add NULL check in BE reparenting (git-fixes).
- ASoC: wm8962: Wait for updated value of WM8962_CLOCKING1 register (git-fixes).
- ASoC: wm8994: Fix potential deadlock (git-fixes).
- ata: ahci: Fix PCS quirk application for suspend (git-fixes).
- binfmt_elf: fix documented return value for load_elf_phdrs() (git-fixes).
- binfmt_misc: fix shift-out-of-bounds in check_special_flags (git-fixes).
- binfmt: Fix error return code in load_elf_fdpic_binary() (git-fixes).
- block: Do not reread partition table on exclusively open device (bsc#1190969).
- Bluetooth: btintel: Fix missing free skb in btintel_setup_combined() (git-fixes).
- Bluetooth: btusb: Add debug message for CSR controllers (git-fixes).
- Bluetooth: btusb: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).
- Bluetooth: hci_bcsp: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).
- Bluetooth: hci_core: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).
- Bluetooth: hci_h5: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).
- Bluetooth: hci_ll: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).
- Bluetooth: hci_qca: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).
- Bluetooth: MGMT: Fix error report for ADD_EXT_ADV_PARAMS (git-fixes).
- Bluetooth: RFCOMM: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).
- brcmfmac: return error when getting invalid max_flowrings from dongle (git-fixes).
- caif: fix memory leak in cfctrl_linkup_request() (git-fixes).
- can: do not increase rx statistics when generating a CAN rx error message frame (git-fixes).
- can: do not increase rx_bytes statistics for RTR frames (git-fixes).
- can: kvaser_usb_leaf: Fix bogus restart events (git-fixes).
- can: kvaser_usb_leaf: Fix wrong CAN state after stopping (git-fixes).
- can: kvaser_usb_leaf: Set Warning state even without bus errors (git-fixes).
- can: kvaser_usb: do not increase tx statistics when sending error message frames (git-fixes).
- can: kvaser_usb: kvaser_usb_leaf: fix bittiming limits (git-fixes).
- can: kvaser_usb: make use of units.h in assignment of frequency (git-fixes).
- can: m_can: fix typo prescalar -> prescaler (git-fixes).
- can: m_can: is_lec_err(): clean up LEC error handling (git-fixes).
- can: mcba_usb: Fix termination command argument (git-fixes).
- can: sja1000: fix size of OCR_MODE_MASK define (git-fixes).
- can: tcan4x5x: Remove invalid write in clear_interrupts (git-fixes).
- chardev: fix error handling in cdev_device_add() (git-fixes).
- cifs: Add 'extbuf' and 'extbuflen' args to smb2_compound_op() (bsc#1193629).
- cifs: do not block in dfs_cache_noreq_update_tgthint() (bsc#1193629).
- cifs: do not leak -ENOMEM in smb2_open_file() (bsc#1193629).
- cifs: do not refresh cached referrals from unactive mounts (bsc#1193629).
- cifs: fix confusing debug message (bsc#1193629).
- cifs: Fix kmap_local_page() unmapping (git-fixes).
- cifs: fix missing display of three mount options (bsc#1193629).
- cifs: fix oops during encryption (bsc#1199294).
- cifs: fix refresh of cached referrals (bsc#1193629).
- cifs: fix source pathname comparison of dfs supers (bsc#1193629).
- cifs: fix various whitespace errors in headers (bsc#1193629).
- cifs: get rid of mount options string parsing (bsc#1193629).
- cifs: minor cleanup of some headers (bsc#1193629).
- cifs: optimize reconnect of nested links (bsc#1193629).
- cifs: Parse owner/group for stat in smb311 posix extensions (bsc#1193629).
- cifs: print warning when conflicting soft vs. hard mount options specified (bsc#1193629).
- cifs: reduce roundtrips on create/qinfo requests (bsc#1193629).
- cifs: refresh root referrals (bsc#1193629).
- cifs: Remove duplicated include in cifsglob.h (bsc#1193629).
- cifs: remove unused smb3_fs_context::mount_options (bsc#1193629).
- cifs: set correct ipc status after initial tree connect (bsc#1193629).
- cifs: set correct status of tcon ipc when reconnecting (bsc#1193629).
- cifs: set correct tcon status after initial tree connect (bsc#1193629).
- cifs: set resolved ip in sockaddr (bsc#1193629).
- cifs: share dfs connections and supers (bsc#1193629).
- cifs: skip alloc when request has no pages (bsc#1193629).
- cifs: split out ses and tcon retrieval from mount_get_conns() (bsc#1193629).
- cifs: update internal module number (bsc#1193629).
- cifs: use fs_context for automounts (bsc#1193629).
- cifs: use origin fullpath for automounts (bsc#1193629).
- class: fix possible memory leak in __class_register() (git-fixes).
- clk: Fix pointer casting to prevent oops in devm_clk_release() (git-fixes).
- clk: generalize devm_clk_get() a bit (git-fixes).
- clk: imx: imx8mp: add shared clk gate for usb suspend clk (git-fixes).
- clk: imx: replace osc_hdmi with dummy (git-fixes).
- clk: nomadik: correct struct name kernel-doc warning (git-fixes).
- clk: Provide new devm_clk helpers for prepared and enabled clocks (git-fixes).
- clk: qcom: clk-krait: fix wrong div2 functions (git-fixes).
- clk: qcom: gcc-sm8250: Use retention mode for USB GDSCs (git-fixes).
- clk: qcom: lpass-sc7180: Fix pm_runtime usage (git-fixes).
- clk: renesas: r9a06g032: Repair grave increment error (git-fixes).
- clk: rockchip: Fix memory leak in rockchip_clk_register_pll() (git-fixes).
- clk: samsung: Fix memory leak in _samsung_clk_register_pll() (git-fixes).
- clk: socfpga: Fix memory leak in socfpga_gate_init() (git-fixes).
- clk: st: Fix memory leak in st_of_quadfs_setup() (git-fixes).
- clk: sunxi-ng: v3s: Correct the header guard of ccu-sun8i-v3s.h (git-fixes).
- clocksource/drivers/sh_cmt: Access registers according to spec (git-fixes).
- clocksource/drivers/timer-ti-dm: Fix missing clk_disable_unprepare in dmtimer_systimer_init_clock() (git-fixes).
- cpufreq: ACPI: Defer setting boost MSRs (bsc#1205485).
- cpufreq: ACPI: Only set boost MSRs on supported CPUs (bsc#1205485).
- cpufreq: ACPI: Remove unused variables 'acpi_cpufreq_online' and 'ret' (bsc#1205485).
- cpufreq: intel_pstate: Add Sapphire Rapids support in no-HWP mode (bsc#1201068).
- crypto: ccree - Make cc_debugfs_global_fini() available for module init function (git-fixes).
- crypto: ccree - Remove debugfs when platform_driver_register failed (git-fixes).
- crypto: cryptd - Use request context instead of stack for sub-request (git-fixes).
- crypto: hisilicon/qm - fix missing destroy qp_idr (git-fixes).
- crypto: img-hash - Fix variable dereferenced before check 'hdev->req' (git-fixes).
- crypto: n2 - add missing hash statesize (git-fixes).
- crypto: nitrox - avoid double free on error path in nitrox_sriov_init() (git-fixes).
- crypto: omap-sham - Use pm_runtime_resume_and_get() in omap_sham_probe() (git-fixes).
- crypto: rockchip - add fallback for ahash (git-fixes).
- crypto: rockchip - add fallback for cipher (git-fixes).
- crypto: rockchip - better handle cipher key (git-fixes).
- crypto: rockchip - do not do custom power management (git-fixes).
- crypto: rockchip - do not store mode globally (git-fixes).
- crypto: rockchip - remove non-aligned handling (git-fixes).
- crypto: rockchip - rework by using crypto_engine (git-fixes).
- crypto: sun8i-ss - use dma_addr instead u32 (git-fixes).
- crypto: tcrypt - Fix multibuffer skcipher speed test mem leak (git-fixes).
- device property: Fix documentation for fwnode_get_next_parent() (git-fixes).
- dmaengine: idxd: Fix crc_val field for completion record (git-fixes).
- docs/zh_CN: Fix '.. only::' directive's expression (git-fixes).
- Documentation: devres: add missing devm_acpi_dma_controller_free() helper (git-fixes).
- Documentation: devres: add missing MEM helper (git-fixes).
- Documentation: devres: add missing PHY helpers (git-fixes).
- Documentation: devres: add missing PWM helper (git-fixes).
- drbd: destroy workqueue when drbd device was freed (git-fixes).
- drbd: remove call to memset before free device/resource/connection (git-fixes).
- drbd: remove usage of list iterator variable after loop (git-fixes).
- drbd: set QUEUE_FLAG_STABLE_WRITES (git-fixes).
- drbd: use after free in drbd_create_device() (git-fixes).
- driver core: Fix bus_type.match() error handling in __driver_attach() (git-fixes).
- drivers: dio: fix possible memory leak in dio_init() (git-fixes).
- drivers: soc: ti: knav_qmss_queue: Mark knav_acc_firmwares as static (git-fixes).
- drm: bridge: dw_hdmi: fix preference of RGB modes over YUV420 (git-fixes).
- drm/amd/display: fix array index out of bound error in bios parser (git-fixes).
- drm/amd/display: Manually adjust strobe for DCN303 (git-fixes).
- drm/amd/display: prevent memory leak (git-fixes).
- drm/amd/display: Use the largest vready_offset in pipe group (git-fixes).
- drm/amd/pm/smu11: BACO is supported when it's in BACO state (git-fixes).
- drm/amdgpu: fix pci device refcount leak (git-fixes).
- drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios() (git-fixes).
- drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback (git-fixes).
- drm/amdgpu: Fix type of second parameter in trans_msg() callback (git-fixes).
- drm/amdgpu: handle polaris10/11 overlap asics (v2) (git-fixes).
- drm/amdgpu: make display pinning more flexible (v2) (git-fixes).
- drm/amdgpu/powerplay/psm: Fix memory leak in power state init (git-fixes).
- drm/amdgpu/sdma_v4_0: turn off SDMA ring buffer in the s2idle suspend (git-fixes).
- drm/amdkfd: Fix memory leakage (git-fixes).
- drm/bridge: adv7533: remove dynamic lane switching from adv7533 bridge (git-fixes).
- drm/bridge: anx7625: Fix edid_read break case in sp_tx_edid_read() (git-fixes).
- drm/bridge: ti-sn65dsi86: Fix output polarity setting bug (git-fixes).
- drm/connector: send hotplug uevent on connector cleanup (git-fixes).
- drm/edid: Fix minimum bpc supported with DSC1.2 for HDMI sink (git-fixes).
- drm/etnaviv: add missing quirks for GC300 (git-fixes).
- drm/etnaviv: do not truncate physical page address (git-fixes).
- drm/fourcc: Add packed 10bit YUV 4:2:0 format (git-fixes).
- drm/fourcc: Fix vsub/hsub for Q410 and Q401 (git-fixes).
- drm/fsl-dcu: Fix return type of fsl_dcu_drm_connector_mode_valid() (git-fixes).
- drm/i915: Fix documentation for intel_uncore_forcewake_put__locked (git-fixes).
- drm/i915: remove circ_buf.h includes (git-fixes).
- drm/i915: unpin on error in intel_vgpu_shadow_mm_pin() (git-fixes).
- drm/i915/display: Do not disable DDI/Transcoder when setting phy test pattern (git-fixes).
- drm/i915/dsi: fix VBT send packet port selection for dual link DSI (git-fixes).
- drm/i915/gvt: fix gvt debugfs destroy (git-fixes).
- drm/i915/gvt: fix vgpu debugfs clean in remove (git-fixes).
- drm/i915/migrate: do not check the scratch page (git-fixes).
- drm/i915/migrate: fix length calculation (git-fixes).
- drm/i915/migrate: fix offset calculation (git-fixes).
- drm/i915/ttm: never purge busy objects (git-fixes).
- drm/imx: ipuv3-plane: Fix overlay plane width (git-fixes).
- drm/ingenic: Fix missing platform_driver_unregister() call in ingenic_drm_init() (git-fixes).
- drm/mediatek: Fix return type of mtk_hdmi_bridge_mode_valid() (git-fixes).
- drm/mediatek: Modify dpi power on/off sequence (git-fixes).
- drm/meson: Reduce the FIFO lines held when AFBC is not used (git-fixes).
- drm/msm: Use drm_mode_copy() (git-fixes).
- drm/panel/panel-sitronix-st7701: Remove panel on DSI attach failure (git-fixes).
- drm/panfrost: Fix GEM handle creation ref-counting (git-fixes).
- drm/radeon: Add the missed acpi_put_table() to fix memory leak (git-fixes).
- drm/radeon: Fix PCI device refcount leak in radeon_atrm_get_bios() (git-fixes).
- drm/rockchip: lvds: fix PM usage counter unbalance in poweron (git-fixes).
- drm/rockchip: Use drm_mode_copy() (git-fixes).
- drm/shmem-helper: Avoid vm_open error paths (git-fixes).
- drm/shmem-helper: Remove errant put in error path (git-fixes).
- drm/sti: Fix return type of sti_{dvo,hda,hdmi}_connector_mode_valid() (git-fixes).
- drm/sti: Use drm_mode_copy() (git-fixes).
- drm/tegra: Add missing clk_disable_unprepare() in tegra_dc_probe() (git-fixes).
- drm/vmwgfx: Do not use screen objects when SEV is active (git-fixes).
- drm/vmwgfx: Fix a sparse warning in kernel docs (git-fixes).
- drm/vmwgfx: Validate the box size for the snooped cursor (git-fixes).
- Drop FIPS mode DRBG->getrandom(2) wire-up (bsc#1191259)
- dt-bindings: clock: qcom,aoncc-sm8250: fix compatible (git-fixes).
- dt-bindings: clocks: imx8mp: Add ID for usb suspend clock (git-fixes).
- dt-bindings: display: sun6i-dsi: Fix clock conditional (git-fixes).
- dt-bindings: gpio: gpio-davinci: Increase maxItems in gpio-line-names (git-fixes).
- dt-bindings: net: sun8i-emac: Add phy-supply property (git-fixes).
- EDAC/mc_sysfs: Increase legacy channel support to 12 (bsc#1205263).
- efi: Add iMac Pro 2017 to uefi skip cert quirk (git-fixes).
- ext4: avoid BUG_ON when creating xattrs (bsc#1205496).
- extcon: usbc-tusb320: Add support for mode setting and reset (git-fixes).
- extcon: usbc-tusb320: Add support for TUSB320L (git-fixes).
- extcon: usbc-tusb320: Factor out extcon into dedicated functions (git-fixes).
- fbcon: Use kzalloc() in fbcon_prepare_logo() (git-fixes).
- fbdev: fbcon: release buffer when fbcon_do_set_font() failed (git-fixes).
- fbdev: geode: do not build on UML (git-fixes).
- fbdev: matroxfb: G200eW: Increase max memory from 1 MB to 16 MB (git-fixes).
- fbdev: pm2fb: fix missing pci_disable_device() (git-fixes).
- fbdev: smscufx: Fix several use-after-free bugs (git-fixes).
- fbdev: ssd1307fb: Drop optional dependency (git-fixes).
- fbdev: uvesafb: do not build on UML (git-fixes).
- fbdev: uvesafb: Fixes an error handling path in uvesafb_probe() (git-fixes).
- fbdev: vermilion: decrease reference count in error path (git-fixes).
- fbdev: via: Fix error in via_core_init() (git-fixes).
- firmware: raspberrypi: fix possible memory leak in rpi_firmware_probe() (git-fixes).
- floppy: Fix memory leak in do_floppy_init() (git-fixes).
- fuse: lock inode unconditionally in fuse_fallocate() (bsc#1206273).
- gpio: sifive: Fix refcount leak in sifive_gpio_probe (git-fixes).
- gpiolib: cdev: fix NULL-pointer dereferences (git-fixes).
- gpiolib: check the 'ngpios' property in core gpiolib code (git-fixes).
- gpiolib: fix memory leak in gpiochip_setup_dev() (git-fixes).
- gpiolib: Get rid of redundant 'else' (git-fixes).
- gpiolib: improve coding style for local variables (git-fixes).
- gpiolib: make struct comments into real kernel docs (git-fixes).
- hamradio: baycom_epp: Fix return type of baycom_send_packet() (git-fixes).
- hamradio: do not call dev_kfree_skb() under spin_lock_irqsave() (git-fixes).
- HID: hid-sensor-custom: set fixed size for custom attributes (git-fixes).
- HID: ite: Enable QUIRK_TOUCHPAD_ON_OFF_REPORT on Acer Aspire Switch V 10 (git-fixes).
- HID: mcp2221: do not connect hidraw (git-fixes).
- HID: multitouch: fix Asus ExpertBook P2 P2451FA trackpoint (git-fixes).
- HID: plantronics: Additional PIDs for double volume key presses quirk (git-fixes).
- HID: uclogic: Add HID_QUIRK_HIDINPUT_FORCE quirk (git-fixes).
- HID: usbhid: Add ALWAYS_POLL quirk for some mice (git-fixes).
- HID: wacom: Ensure bootloader PID is usable in hidraw mode (git-fixes).
- HSI: omap_ssi_core: Fix error handling in ssi_init() (git-fixes).
- HSI: omap_ssi_core: fix possible memory leak in ssi_probe() (git-fixes).
- HSI: omap_ssi_core: fix unbalanced pm_runtime_disable() (git-fixes).
- hwmon: (jc42) Convert register access and caching to regmap/regcache (git-fixes).
- hwmon: (jc42) Fix missing unlock on error in jc42_write() (git-fixes).
- hwmon: (jc42) Restore the min/max/critical temperatures on resume (git-fixes).
- hwrng: amd - Fix PCI device refcount leak (git-fixes).
- i2c: ismt: Fix an out-of-bounds bug in ismt_access() (git-fixes).
- i2c: mux: reg: check return value after calling platform_get_resource() (git-fixes).
- i2c: pxa-pci: fix missing pci_disable_device() on error in ce4100_i2c_probe (git-fixes).
- IB/IPoIB: Fix queue count inconsistency for PKEY child interfaces (git-fixes)
- ibmveth: Always stop tx queues during close (bsc#1065729).
- iio: adc: ad_sigma_delta: do not use internal iio_dev lock (git-fixes).
- iio: adc128s052: add proper .data members in adc128_of_match table (git-fixes).
- iio: fix memory leak in iio_device_register_eventset() (git-fixes).
- iio: temperature: ltc2983: make bulk write buffer DMA-safe (git-fixes).
- ima: Fix a potential NULL pointer access in ima_restore_measurement_list (git-fixes).
- Input: elants_i2c - properly handle the reset GPIO when power is off (git-fixes).
- Input: joystick - fix Kconfig warning for JOYSTICK_ADC (git-fixes).
- Input: wistron_btns - disable on UML (git-fixes).
- integrity: Fix memory leakage in keyring allocation error path (git-fixes).
- ipmi: fix long wait in unload when IPMI disconnect (git-fixes).
- ipmi: fix memleak when unload ipmi driver (git-fixes).
- ipmi: fix use after free in _ipmi_destroy_user() (git-fixes).
- ipmi: kcs: Poll OBF briefly to reduce OBE latency (git-fixes).
- ipu3-imgu: Fix NULL pointer dereference in imgu_subdev_set_selection() (git-fixes).
- kABI: reintroduce a non-inline usleep_range (git-fixes).
- lib/debugobjects: fix stat count and optimize debug_objects_mem_init (git-fixes).
- lib/fonts: fix undefined behavior in bit shift for get_default_font (git-fixes).
- mailbox: arm_mhuv2: Fix return value check in mhuv2_probe() (git-fixes).
- mailbox: mpfs: read the system controller's status (git-fixes).
- mailbox: zynq-ipi: fix error handling while device_register() fails (git-fixes).
- media: adv748x: afe: Select input port when initializing AFE (git-fixes).
- media: camss: Clean up received buffers on failed start of streaming (git-fixes).
- media: dvb-core: Fix double free in dvb_register_device() (git-fixes).
- media: dvb-core: Fix ignored return value in dvb_register_frontend() (git-fixes).
- media: dvb-frontends: fix leak of memory fw (git-fixes).
- media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() (git-fixes).
- media: dvb-usb: fix memory leak in dvb_usb_adapter_init() (git-fixes).
- media: i2c: ad5820: Fix error path (git-fixes).
- media: imon: fix a race condition in send_packet() (git-fixes).
- media: saa7164: fix missing pci_disable_device() (git-fixes).
- media: si470x: Fix use-after-free in si470x_int_in_callback() (git-fixes).
- media: solo6x10: fix possible memory leak in solo_sysfs_init() (git-fixes).
- media: stv0288: use explicitly signed char (git-fixes).
- media: v4l2-ctrls: Fix off-by-one error in integer menu control check (git-fixes).
- media: v4l2-dv-timings.c: fix too strict blanking sanity checks (git-fixes).
- media: videobuf-dma-contig: use dma_mmap_coherent (git-fixes).
- media: vidtv: Fix use-after-free in vidtv_bridge_dvb_init() (git-fixes).
- media: vimc: Fix wrong function called when vimc_init() fails (git-fixes).
- media: vivid: fix compose size exceed boundary (git-fixes).
- memcg, kmem: further deprecate kmem.limit_in_bytes (bsc#1206896).
- memcg: Fix possible use-after-free in memcg_write_event_control() (bsc#1206344).
- mfd: bd957x: Fix Kconfig dependency on REGMAP_IRQ (git-fixes).
- mfd: mt6360: Add bounds checking in Regmap read/write call-backs (git-fixes).
- mfd: pm8008: Fix return value check in pm8008_probe() (git-fixes).
- mfd: pm8008: Remove driver data structure pm8008_data (git-fixes).
- mfd: qcom_rpm: Fix an error handling path in qcom_rpm_probe() (git-fixes).
- mfd: qcom_rpm: Use devm_of_platform_populate() to simplify code (git-fixes).
- misc: ocxl: fix possible name leak in ocxl_file_register_afu() (git-fixes).
- misc: tifm: fix possible memory leak in tifm_7xx1_switch_media() (git-fixes).
- mISDN: hfcmulti: do not call dev_kfree_skb/kfree_skb() under spin_lock_irqsave() (git-fixes).
- mISDN: hfcpci: do not call dev_kfree_skb/kfree_skb() under spin_lock_irqsave() (git-fixes).
- mISDN: hfcsusb: do not call dev_kfree_skb/kfree_skb() under spin_lock_irqsave() (git-fixes).
- mm: fix race between MADV_FREE reclaim and blkdev direct IO read (bsc#1204989,bsc#1205601).
- mm/mempolicy: fix memory leak in set_mempolicy_home_node system call (bsc#1206468).
- mmc: alcor: fix return value check of mmc_add_host() (git-fixes).
- mmc: atmel-mci: fix return value check of mmc_add_host() (git-fixes).
- mmc: core: Normalize the error handling branch in sd_read_ext_regs() (git-fixes).
- mmc: f-sdh30: Add quirks for broken timeout clock capability (git-fixes).
- mmc: meson-gx: fix return value check of mmc_add_host() (git-fixes).
- mmc: mmci: fix return value check of mmc_add_host() (git-fixes).
- mmc: moxart: fix return value check of mmc_add_host() (git-fixes).
- mmc: mtk-sd: Fix missing clk_disable_unprepare in msdc_of_clock_parse() (git-fixes).
- mmc: mxcmmc: fix return value check of mmc_add_host() (git-fixes).
- mmc: omap_hsmmc: fix return value check of mmc_add_host() (git-fixes).
- mmc: pxamci: fix return value check of mmc_add_host() (git-fixes).
- mmc: renesas_sdhi: alway populate SCC pointer (git-fixes).
- mmc: renesas_sdhi: better reset from HS400 mode (git-fixes).
- mmc: rtsx_pci: fix return value check of mmc_add_host() (git-fixes).
- mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host() (git-fixes).
- mmc: sdhci-sprd: Disable CLK_AUTO when the clock is less than 400K (git-fixes).
- mmc: toshsd: fix return value check of mmc_add_host() (git-fixes).
- mmc: via-sdmmc: fix return value check of mmc_add_host() (git-fixes).
- mmc: vub300: fix return value check of mmc_add_host() (git-fixes).
- mmc: vub300: fix warning - do not call blocking ops when !TASK_RUNNING (git-fixes).
- mmc: wbsd: fix return value check of mmc_add_host() (git-fixes).
- mmc: wmt-sdmmc: fix return value check of mmc_add_host() (git-fixes).
- module: change to print useful messages from elf_validity_check() (git-fixes).
- module: fix [e_shstrndx].sh_size=0 OOB access (git-fixes).
- mt76: stop the radar detector after leaving dfs channel (git-fixes).
- mtd: Fix device name leak when register device failed in add_mtd_device() (git-fixes).
- mtd: lpddr2_nvm: Fix possible null-ptr-deref (git-fixes).
- mtd: maps: pxa2xx-flash: fix memory leak in probe (git-fixes).
- mtd: spi-nor: Check for zero erase size in spi_nor_find_best_erase_type() (git-fixes).
- mtd: spi-nor: Fix the number of bytes for the dummy cycles (git-fixes).
- mtd: spi-nor: hide jedec_id sysfs attribute if not present (git-fixes).
- net: allow retransmitting a TCP packet if original is still in queue (bsc#1188605 bsc#1187428 bsc#1206619).
- net: mana: Fix race on per-CQ variable napi work_done (git-fixes).
- net: phy: xgmiitorgmii: Fix refcount leak in xgmiitorgmii_probe (git-fixes).
- net: usb: qmi_wwan: add u-blox 0x1342 composition (git-fixes).
- net: usb: smsc95xx: fix external PHY reset (git-fixes).
- net/mlx5: Fix mlx5_get_next_dev() peer device matching (bsc#1206536).
- net/mlx5: Lag, filter non compatible devices (bsc#1206536).
- netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find() (bsc#1204614).
- nfc: Fix potential resource leaks (git-fixes).
- nfc: pn533: Clear nfc_target before being used (git-fixes).
- nfc: pn533: Wait for out_urb's completion in pn533_usb_send_frame() (git-fixes).
- NFS: Handle missing attributes in OPEN reply (bsc#1203740).
- nilfs2: fix shift-out-of-bounds due to too large exponent of block size (git-fixes).
- nilfs2: fix shift-out-of-bounds/overflow in nilfs_sb2_bad_offset() (git-fixes).
- octeontx2-af: Add PTP PPS Errata workaround on CN10K silicon (jsc#SLE-24682).
- octeontx2-af: Allow mkex profile without DMAC and add L2M/L2B header extraction support (jsc#SLE-24682).
- octeontx2-af: Do not reset previous pfc config (jsc#SLE-24682).
- octeontx2-af: fix operand size in bitwise operation (jsc#SLE-24682).
- octeontx2-af: Initialize PTP_SEC_ROLLOVER register properly (jsc#SLE-24682).
- octeontx2-af: Limit link bringup time at firmware (jsc#SLE-24682).
- octeontx2-af: return correct ptp timestamp for CN10K silicon (jsc#SLE-24682).
- octeontx2-af: Set NIX link credits based on max LMAC (jsc#SLE-24682).
- octeontx2-af: Skip CGX/RPM probe incase of zero lmac count (jsc#SLE-24682).
- octeontx2-pf: Add egress PFC support (jsc#SLE-24682).
- octeontx2-pf: Add support for ptp 1-step mode on CN10K silicon (jsc#SLE-24682).
- octeontx2-pf: Fix lmtst ID used in aura free (jsc#SLE-24682).
- octeontx2-pf: Fix pfc_alloc_status array overflow (jsc#SLE-24682).
- octeontx2-pf: Fix SQE threshold checking (jsc#SLE-24682).
- octeontx2-pf: Fix unused variable build error (jsc#SLE-24682).
- octeontx2-pf: NIX TX overwrites SQ_CTX_HW_S[SQ_INT] (jsc#SLE-24682).
- octeontx2-pf: Reduce minimum mtu size to 60 (jsc#SLE-24682).
- octeontx2: Modify mbox request and response structures (jsc#SLE-24682).
- padata: Fix list iterator in padata_do_serial() (git-fixes).
- PCI: Check for alloc failure in pci_request_irq() (git-fixes).
- PCI: dwc: Fix n_fts[] array overrun (git-fixes).
- PCI: Fix pci_device_is_present() for VFs by checking PF (git-fixes).
- PCI: pci-epf-test: Register notifier if only core_init_notifier is enabled (git-fixes).
- PCI: vmd: Disable MSI remapping after suspend (git-fixes).
- PCI/sysfs: Fix double free in error path (git-fixes).
- phy: usb: s2 WoL wakeup_count not incremented for USB->Eth devices (git-fixes).
- pinctrl: k210: call of_node_put() (git-fixes).
- pinctrl: meditatek: Startup with the IRQs disabled (git-fixes).
- pinctrl: pinconf-generic: add missing of_node_put() (git-fixes).
- platform/chrome: cros_ec_typec: Cleanup switch handle return paths (git-fixes).
- platform/chrome: cros_usbpd_notify: Fix error handling in cros_usbpd_notify_init() (git-fixes).
- platform/mellanox: mlxbf-pmc: Fix event typo (git-fixes).
- platform/x86: huawei-wmi: fix return value calculation (git-fixes).
- platform/x86: intel_scu_ipc: fix possible name leak in __intel_scu_ipc_register() (git-fixes).
- platform/x86: mxm-wmi: fix memleak in mxm_wmi_call_mx[ds|mx]() (git-fixes).
- PM: hibernate: Fix mistake in kerneldoc comment (git-fixes).
- PM: runtime: Do not call __rpm_callback() from rpm_idle() (git-fixes).
- PNP: fix name memory leak in pnp_alloc_dev() (git-fixes).
- power: supply: ab8500: Fix error handling in ab8500_charger_init() (git-fixes).
- power: supply: fix null pointer dereferencing in power_supply_get_battery_info (git-fixes).
- power: supply: fix residue sysfs file in error handle route of __power_supply_register() (git-fixes).
- power: supply: z2_battery: Fix possible memleak in z2_batt_probe() (git-fixes).
- powerpc: export the CPU node count (bsc#1207016 ltc#201108).
- powerpc: Take in account addition CPU node when building kexec FDT (bsc#1207016 ltc#201108).
- powerpc/64: Init jump labels before parse_early_param() (bsc#1065729).
- powerpc/pci: Fix get_phb_number() locking (bsc#1065729).
- powerpc/perf: callchain validate kernel stack pointer bounds (bsc#1065729).
- powerpc/powernv: add missing of_node_put (bsc#1065729).
- powerpc/pseries: unregister VPA when hot unplugging a CPU (bsc#1205695 ltc#200603).
- powerpc/pseries/eeh: use correct API for error log size (bsc#1065729).
- powerpc/xive: add missing iounmap() in error path in xive_spapr_populate_irq_data() (git-fixes).
- powerpc/xive/spapr: correct bitmap allocation size (git-fixes).
- proc: fixup uptime selftest (git-fixes).
- pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP (git-fixes).
- pstore: Make sure CONFIG_PSTORE_PMSG selects CONFIG_RT_MUTEXES (git-fixes).
- pstore: Properly assign mem_type property (git-fixes).
- pstore: Switch pmsg_lock to an rt_mutex to avoid priority inversion (git-fixes).
- pstore/ram: Fix error return code in ramoops_probe() (git-fixes).
- pstore/zone: Use GFP_ATOMIC to allocate zone buffer (git-fixes).
- pwm: lpc18xx-sct: Fix a comment to match code (git-fixes).
- pwm: mediatek: always use bus clock for PWM on MT7622 (git-fixes).
- pwm: sifive: Call pwm_sifive_update_clock() while mutex is held (git-fixes).
- pwm: tegra: Improve required rate calculation (git-fixes).
- r6040: Fix kmemleak in probe and remove (git-fixes).
- random: allow partial reads if later user copies fail (bsc#1204911).
- random: check for signals every PAGE_SIZE chunk of /dev/random (bsc#1204911).
- random: convert to using fops->read_iter() (bsc#1204911).
- random: convert to using fops->write_iter() (bsc#1204911).
- random: remove outdated INT_MAX >> 6 check in urandom_read() (bsc#1204911).
- random: zero buffer after reading entropy from userspace (bsc#1204911).
- RDMA: Disable IB HW for UML (git-fixes)
- RDMA/core: Fix order of nldev_exit call (git-fixes)
- RDMA/core: Make sure 'ib_port' is valid when access sysfs node (git-fixes)
- RDMA/efa: Add EFA 0xefa2 PCI ID (git-fixes)
- RDMA/hfi: Decrease PCI device reference count in error path (git-fixes)
- RDMA/hfi1: Fix error return code in parse_platform_config() (git-fixes)
- RDMA/hns: Fix AH attr queried by query_qp (git-fixes)
- RDMA/hns: Fix error code of CMD (git-fixes)
- RDMA/hns: Fix ext_sge num error when post send (git-fixes)
- RDMA/hns: fix memory leak in hns_roce_alloc_mr() (git-fixes)
- RDMA/hns: Fix page size cap from firmware (git-fixes)
- RDMA/hns: Fix PBL page MTR find (git-fixes)
- RDMA/hns: Fix XRC caps on HIP08 (git-fixes)
- RDMA/hns: Repacing 'dseg_len' by macros in fill_ext_sge_inl_data() (git-fixes)
- RDMA/irdma: Do not request 2-level PBLEs for CQ alloc (git-fixes)
- RDMA/irdma: Initialize net_type before checking it (git-fixes)
- RDMA/irdma: Report the correct link speed (git-fixes)
- RDMA/nldev: Add checks for nla_nest_start() in fill_stat_counter_qps() (git-fixes)
- RDMA/nldev: Fix failure to send large messages (git-fixes)
- RDMA/nldev: Return '-EAGAIN' if the cm_id isn't from expected port (git-fixes)
- RDMA/restrack: Release MR restrack when delete (git-fixes)
- RDMA/rxe: Fix NULL-ptr-deref in rxe_qp_do_cleanup() when socket create failed (git-fixes)
- RDMA/siw: Fix immediate work request flush to completion queue (git-fixes)
- RDMA/siw: Fix pointer cast warning (git-fixes)
- RDMA/siw: Set defined status for work completion with undefined status (git-fixes)
- RDMA/srp: Fix error return code in srp_parse_options() (git-fixes)
- regulator: bd718x7: Drop unnecessary info print (git-fixes).
- regulator: core: fix deadlock on regulator enable (git-fixes).
- regulator: core: fix module refcount leak in set_supply() (git-fixes).
- regulator: core: fix resource leak in regulator_register() (git-fixes).
- regulator: core: fix unbalanced of node refcount in regulator_dev_lookup() (git-fixes).
- regulator: core: fix use_count leakage when handling boot-on (git-fixes).
- regulator: core: use kfree_const() to free space conditionally (git-fixes).
- regulator: qcom-labibb: Fix missing of_node_put() in qcom_labibb_regulator_probe() (git-fixes).
- regulator: qcom-rpmh: Fix PMR735a S3 regulator spec (git-fixes).
- regulator: slg51000: Wait after asserting CS pin (git-fixes).
- regulator: twl6030: fix get status of twl6032 regulators (git-fixes).
- remoteproc: core: Do pm_relax when in RPROC_OFFLINE state (git-fixes).
- remoteproc: qcom_q6v5_pas: detach power domains on remove (git-fixes).
- remoteproc: qcom_q6v5_pas: disable wakeup on probe fail or remove (git-fixes).
- remoteproc: qcom_q6v5_pas: Fix missing of_node_put() in adsp_alloc_memory_region() (git-fixes).
- remoteproc: qcom: q6v5: Fix missing clk_disable_unprepare() in q6v5_wcss_qcs404_power_on() (git-fixes).
- remoteproc: qcom: q6v5: Fix potential null-ptr-deref in q6v5_wcss_init_mmio() (git-fixes).
- remoteproc: sysmon: fix memory leak in qcom_add_sysmon_subdev() (git-fixes).
- rtc: cmos: fix build on non-ACPI platforms (git-fixes).
- rtc: cmos: Fix event handler registration ordering issue (git-fixes).
- rtc: cmos: Fix wake alarm breakage (git-fixes).
- rtc: ds1347: fix value written to century register (git-fixes).
- rtc: mxc_v2: Add missing clk_disable_unprepare() (git-fixes).
- rtc: pcf85063: fix pcf85063_clkout_control (gut-fixes).
- rtc: pcf85063: Fix reading alarm (git-fixes).
- rtc: pic32: Move devm_rtc_allocate_device earlier in pic32_rtc_probe() (git-fixes).
- rtc: rtc-cmos: Do not check ACPI_FADT_LOW_POWER_S0 (git-fixes).
- rtc: snvs: Allow a time difference on clock register read (git-fixes).
- rtc: st-lpc: Add missing clk_disable_unprepare in st_rtc_probe() (git-fixes).
- rtmutex: Add acquire semantics for rtmutex lock acquisition slow path (bnc#1203829).
- s390/boot: add secure boot trailer (bsc#1205257 LTC#200451).
- sbitmap: fix lockup while swapping (bsc#1206602).
- sched/core: Fix comparison in sched_group_cookie_match() (git-fixes)
- sched/core: Fix the bug that task won't enqueue into core (git-fixes)
- sched/topology: Remove redundant variable and fix incorrect (git-fixes)
- sched/uclamp: Fix relationship between uclamp and migration (git-fixes)
- sched/uclamp: Make task_fits_capacity() use util_fits_cpu() (git-fixes)
- scsi: 3w-9xxx: Avoid disabling device if failing to enable it (git-fixes).
- scsi: advansys: Fix kernel pointer leak (git-fixes).
- scsi: aha152x: Fix aha152x_setup() __setup handler return value (git-fixes).
- scsi: bfa: Replace snprintf() with sysfs_emit() (git-fixes).
- scsi: core: Fix sbitmap depth in scsi_realloc_sdev_budget_map() (git-fixes).
- scsi: core: Fix scsi_mode_sense() buffer length handling (git-fixes).
- scsi: core: Reallocate device's budget map on queue depth change (git-fixes).
- scsi: core: Restrict legal sdev_state transitions via sysfs (git-fixes).
- scsi: hisi_sas: Free irq vectors in order for v3 HW (git-fixes).
- scsi: hisi_sas: Limit max hw sectors for v3 HW (git-fixes).
- scsi: hisi_sas: Use managed PCI functions (git-fixes).
- scsi: ipr: Fix missing/incorrect resource cleanup in error case (git-fixes).
- scsi: iscsi: Add recv workqueue helpers (git-fixes).
- scsi: iscsi: Fix harmless double shift bug (git-fixes).
- scsi: iscsi: Fix possible memory leak when device_register() failed (git-fixes).
- scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername() (git-fixes).
- scsi: iscsi: kabi: add iscsi_conn_queue_work back (git-fixes).
- scsi: iscsi: kabi: fix libiscsi new field (git-fixes).
- scsi: iscsi: Merge suspend fields (git-fixes).
- scsi: iscsi: Rename iscsi_conn_queue_work() (git-fixes).
- scsi: iscsi: Run recv path from workqueue (git-fixes).
- scsi: iscsi: Unblock session then wake up error handler (git-fixes).
- scsi: libfc: Fix use after free in fc_exch_abts_resp() (git-fixes).
- scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown() (git-fixes).
- scsi: lpfc: Correct bandwidth logging during receipt of congestion sync WCQE (jsc#PED-1445).
- scsi: lpfc: Fix crash involving race between FLOGI timeout and devloss handler (jsc#PED-1445).
- scsi: lpfc: Fix MI capability display in cmf_info sysfs attribute (jsc#PED-1445).
- scsi: lpfc: Fix WQ|CQ|EQ resource check (jsc#PED-1445).
- scsi: lpfc: Remove linux/msi.h include (jsc#PED-1445).
- scsi: lpfc: Remove redundant pointer 'lp' (jsc#PED-1445).
- scsi: lpfc: Update lpfc version to 14.2.0.9 (jsc#PED-1445).
- scsi: lpfc: Use memset_startat() helper (jsc#PED-1445).
- scsi: megaraid_sas: Fix double kfree() (git-fixes).
- scsi: megaraid_sas: Target with invalid LUN ID is deleted during scan (git-fixes).
- scsi: megaraid: Fix error check return value of register_chrdev() (git-fixes).
- scsi: mpi3mr: Fix memory leaks (git-fixes).
- scsi: mpi3mr: Fix reporting of actual data transfer size (git-fixes).
- scsi: mpi3mr: Fixes around reply request queues (git-fixes).
- scsi: mpt3sas: Do not change DMA mask while reallocating pools (bsc#1206912,bsc#1206098).
- scsi: mpt3sas: Fail reset operation if config request timed out (git-fixes).
- scsi: mpt3sas: Fix out-of-bounds compiler warning (git-fixes).
- scsi: mpt3sas: re-do lost mpt3sas DMA mask fix (bsc#1206912,bsc#1206098).
- scsi: mpt3sas: Remove usage of dma_get_required_mask() API (bsc#1206912,bsc#1206098).
- scsi: mvsas: Add PCI ID of RocketRaid 2640 (git-fixes).
- scsi: mvsas: Replace snprintf() with sysfs_emit() (git-fixes).
- scsi: myrb: Fix up null pointer access on myrb_cleanup() (git-fixes).
- scsi: myrs: Fix crash in error case (git-fixes).
- scsi: ncr53c8xx: Remove unused retrieve_from_waiting_list() function (git-fixes).
- scsi: pm8001: Fix bogus FW crash for maxcpus=1 (git-fixes).
- scsi: pm8001: Fix memory leak in pm8001_chip_fw_flash_update_req() (git-fixes).
- scsi: pm8001: Fix pm8001_mpi_task_abort_resp() (git-fixes).
- scsi: pm8001: Fix pm80xx_pci_mem_copy() interface (git-fixes).
- scsi: pm8001: Fix tag leaks on error (git-fixes).
- scsi: pm8001: Fix task leak in pm8001_send_abort_all() (git-fixes).
- scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task (git-fixes).
- scsi: pm8001: Fix use-after-free for aborted TMF sas_task (git-fixes).
- scsi: pm80xx: Fix double completion for SATA devices (git-fixes).
- scsi: pm80xx: Fix memory leak during rmmod (git-fixes).
- scsi: pmcraid: Fix missing resource cleanup in error case (git-fixes).
- scsi: qedf: Add stag_work to all the vports (git-fixes).
- scsi: qedf: Change context reset messages to ratelimited (git-fixes).
- scsi: qedf: Fix a UAF bug in __qedf_probe() (git-fixes).
- scsi: qedf: Fix refcount issue when LOGO is received during TMF (git-fixes).
- scsi: qla2xxx: Fix crash when I/O abort times out (jsc#PED-568).
- scsi: qla2xxx: Fix set-but-not-used variable warnings (jsc#PED-568).
- scsi: qla2xxx: Initialize vha->unknown_atio_[list, work] for NPIV hosts (jsc#PED-568).
- scsi: qla2xxx: Remove duplicate of vha->iocb_work initialization (jsc#PED-568).
- scsi: qla2xxx: Remove unused variable 'found_devs' (jsc#PED-568).
- scsi: scsi_debug: Fix out-of-bound read in resp_readcap16() (git-fixes).
- scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() (git-fixes).
- scsi: scsi_debug: Fix possible UAF in sdebug_add_host_helper() (git-fixes).
- scsi: scsi_debug: Make the READ CAPACITY response compliant with ZBC (git-fixes).
- scsi: scsi_dh_alua: Properly handle the ALUA transitioning state (git-fixes).
- scsi: smartpqi: Fix kdump issue when controller is locked up (git-fixes).
- scsi: sr: Do not use GFP_DMA (git-fixes).
- scsi: ufs: core: Fix ufshcd_probe_hba() prototype to match the definition (git-fixes).
- scsi: ufs: Fix a kernel crash during shutdown (git-fixes).
- scsi: ufs: Treat link loss as fatal error (git-fixes).
- scsi: ufs: ufshcd-pltfrm: Check the return value of devm_kstrdup() (git-fixes).
- scsi: ufs: Use generic error code in ufshcd_set_dev_pwr_mode() (git-fixes).
- scsi: ufs: Use pm_runtime_resume_and_get() instead of pm_runtime_get_sync() (git-fixes).
- scsi: vmw_pvscsi: Expand vcpuHint to 16 bits (git-fixes).
- sctp: sysctl: make extra pointers netns aware (bsc#1204760).
- selftests: devlink: fix the fd redirect in dummy_reporter_test (git-fixes).
- selftests: set the BUILD variable to absolute path (git-fixes).
- selftests: Use optional USERCFLAGS and USERLDFLAGS (git-fixes).
- selftests/efivarfs: Add checking of the test return value (git-fixes).
- selftests/ftrace: event_triggers: wait longer for test_event_enable (git-fixes).
- selftests/powerpc: Fix resource leaks (git-fixes).
- serial: 8250_bcm7271: Fix error handling in brcmuart_init() (git-fixes).
- serial: amba-pl011: avoid SBSA UART accessing DMACR register (git-fixes).
- serial: pch: Fix PCI device refcount leak in pch_request_dma() (git-fixes).
- serial: pl011: Do not clear RX FIFO & RX interrupt in unthrottle (git-fixes).
- serial: stm32: move dma_request_chan() before clk_prepare_enable() (git-fixes).
- serial: sunsab: Fix error handling in sunsab_init() (git-fixes).
- serial: tegra: Read DMA status before terminating (git-fixes).
- soc: mediatek: pm-domains: Fix the power glitch issue (git-fixes).
- soc: qcom: llcc: make irq truly optional (git-fixes).
- soc: qcom: Select REMAP_MMIO for LLCC driver (git-fixes).
- soc: ti: knav_qmss_queue: Fix PM disable depth imbalance in knav_queue_probe (git-fixes).
- soc: ti: knav_qmss_queue: Use pm_runtime_resume_and_get instead of pm_runtime_get_sync (git-fixes).
- soc: ti: smartreflex: Fix PM disable depth imbalance in omap_sr_probe (git-fixes).
- soundwire: dmi-quirks: add quirk variant for LAPBC710 NUC15 (git-fixes).
- spi: spi-gpio: Do not set MOSI as an input if not 3WIRE mode (git-fixes).
- spi: spidev: mask SPI_CS_HIGH in SPI_IOC_RD_MODE (git-fixes).
- spi: Update reference to struct spi_controller (git-fixes).
- staging: media: tegra-video: fix chan->mipi value on error (git-fixes).
- staging: media: tegra-video: fix device_node use after free (git-fixes).
- staging: rtl8192e: Fix potential use-after-free in rtllib_rx_Monitor() (git-fixes).
- staging: rtl8192u: Fix use after free in ieee80211_rx() (git-fixes).
- string.h: Introduce memset_startat() for wiping trailing members and padding (jsc#PED-1445).
- test_firmware: fix memory leak in test_firmware_init() (git-fixes).
- thermal: core: fix some possible name leaks in error paths (git-fixes).
- thermal: int340x: Add missing attribute for data rate base (git-fixes).
- thermal/drivers/imx8mm_thermal: Validate temperature range (git-fixes).
- thermal/drivers/qcom/temp-alarm: Fix inaccurate warning for gen2 (git-fixes).
- timers: implement usleep_idle_range() (git-fixes).
- tpm: acpi: Call acpi_put_table() to fix memory leak (git-fixes).
- tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak (git-fixes).
- tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak (git-fixes).
- tpm/tpm_crb: Fix error message in __crb_relinquish_locality() (git-fixes).
- tpm/tpm_ftpm_tee: Fix error handling in ftpm_mod_init() (git-fixes).
- tracing: Add tracing_reset_all_online_cpus_unlocked() function (git-fixes).
- tracing: Free buffers when a used dynamic event is removed (git-fixes).
- tracing/doc: Fix typos on the timerlat tracer documentation (git-fixes).
- tracing/osnoise: Fix duration type (git-fixes).
- tty: serial: altera_uart_{r,t}x_chars() need only uart_port (git-fixes).
- tty: serial: clean up stop-tx part in altera_uart_tx_chars() (git-fixes).
- uio: uio_dmem_genirq: Fix deadlock between irq config and handling (git-fixes).
- uio: uio_dmem_genirq: Fix missing unlock in irq configuration (git-fixes).
- units: Add SI metric prefix definitions (git-fixes).
- units: add the HZ macros (git-fixes).
- usb: cdnsp: fix lack of ZLP for ep0 (git-fixes).
- usb: dwc3: core: defer probe on ulpi_read_id timeout (git-fixes).
- usb: dwc3: fix PHY disable sequence (git-fixes).
- usb: dwc3: Fix race between dwc3_set_mode and __dwc3_set_mode (git-fixes).
- usb: dwc3: gadget: Disable GUSB2PHYCFG.SUSPHY for End Transfer (git-fixes).
- usb: dwc3: pci: Update PCIe device ID for USB3 controller on CPU sub-system for Raptor Lake (git-fixes).
- usb: dwc3: qcom: fix runtime PM wakeup (git-fixes).
- usb: gadget: uvc: Prevent buffer overflow in setup handler (git-fixes).
- usb: gadget: uvc: Rename bmInterfaceFlags -> bmInterlaceFlags (git-fixes).
- usb: rndis_host: Secure rndis_query check against int overflow (git-fixes).
- usb: roles: fix of node refcount leak in usb_role_switch_is_parent() (git-fixes).
- usb: serial: cp210x: add Kamstrup RF sniffer PIDs (git-fixes).
- usb: serial: f81232: fix division by zero on line-speed change (git-fixes).
- usb: serial: f81534: fix division by zero on line-speed change (git-fixes).
- usb: serial: option: add Quectel EM05-G modem (git-fixes).
- usb: storage: Add check for kcalloc (git-fixes).
- usb: typec: Check for ops->exit instead of ops->enter in altmode_exit (git-fixes).
- usb: typec: Factor out non-PD fwnode properties (git-fixes).
- usb: typec: tcpci: fix of node refcount leak in tcpci_register_port() (git-fixes).
- usb: typec: tipd: Cleanup resources if devm_tps6598_psy_register fails (git-fixes).
- usb: typec: tipd: Fix spurious fwnode_handle_put in error path (git-fixes).
- usb: ulpi: defer ulpi_register on ulpi_read_id timeout (git-fixes).
- usb: xhci-mtk: fix leakage of shared hcd when fail to set wakeup irq (git-fixes).
- vdpa_sim: fix possible memory leak in vdpasim_net_init() and vdpasim_blk_init() (git-fixes).
- vdpa_sim: fix vringh initialization in vdpasim_queue_ready() (git-fixes).
- vfio: platform: Do not pass return buffer to ACPI _RST method (git-fixes).
- vhost: fix range used in translate_desc() (git-fixes).
- vhost/vsock: Fix error handling in vhost_vsock_init() (git-fixes).
- vmxnet3: correctly report csum_level for encapsulated packet (git-fixes).
- vringh: fix range used in iotlb_translate() (git-fixes).
- vsock: Enable y2038 safe timeval for timeout (bsc#1206101).
- vsock: Refactor vsock_*_getsockopt to resemble sock_getsockopt (bsc#1206101).
- wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out (git-fixes).
- wifi: ath10k: Fix return value in ath10k_pci_init() (git-fixes).
- wifi: ath9k: hif_usb: fix memory leak of urbs in ath9k_hif_usb_dealloc_tx_urbs() (git-fixes).
- wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb() (git-fixes).
- wifi: ath9k: verify the expected usb_endpoints are present (git-fixes).
- wifi: brcmfmac: Fix error return code in brcmf_sdio_download_firmware() (git-fixes).
- wifi: brcmfmac: Fix potential shift-out-of-bounds in brcmf_fw_alloc_request() (git-fixes).
- wifi: cfg80211: Fix not unregister reg_pdev when load_builtin_regdb_keys() fails (git-fixes).
- wifi: iwlwifi: mvm: fix double free on tx path (git-fixes).
- wifi: mac80211: fix memory leak in ieee80211_if_add() (git-fixes).
- wifi: mt76: do not run mt76u_status_worker if the device is not running (git-fixes).
- wifi: mt76: fix coverity overrun-call in mt76_get_txpower() (git-fixes).
- wifi: rsi: Fix handling of 802.3 EAPOL frames sent via control port (git-fixes).
- wifi: rtl8xxxu: Add __packed to struct rtl8723bu_c2h (git-fixes).
- wifi: rtl8xxxu: Fix the channel width reporting (git-fixes).
- wifi: rtl8xxxu: gen2: Turn on the rate control (git-fixes).
- wifi: rtw89: fix physts IE page check (git-fixes).
- wifi: rtw89: Fix some error handling path in rtw89_core_sta_assoc() (git-fixes).
- wifi: rtw89: use u32_encode_bits() to fill MAC quota value (git-fixes).
- wifi: wilc1000: sdio: fix module autoloading (git-fixes).
- xfrm: Fix oops in __xfrm_state_delete() (bsc#1206794).
- xhci: Apply XHCI_RESET_TO_DEFAULT quirk to ADL-N (git-fixes).
Patchnames
SUSE-2023-149,SUSE-SLE-Micro-5.3-2023-149,SUSE-SLE-Module-Basesystem-15-SP4-2023-149,SUSE-SLE-Module-Development-Tools-15-SP4-2023-149,SUSE-SLE-Module-Legacy-15-SP4-2023-149,SUSE-SLE-Module-Live-Patching-15-SP4-2023-149,SUSE-SLE-Product-HA-15-SP4-2023-149,SUSE-SLE-Product-WE-15-SP4-2023-149,openSUSE-Leap-Micro-5.3-2023-149,openSUSE-SLE-15.4-2023-149
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\nThe SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2022-3344: Fixed a bug where nested shutdown interception could lead to host crash (bsc#1204652)\n- CVE-2022-4662: Fixed a recursive locking violation in usb-storage that can cause the kernel to deadlock. (bsc#1206664)\n- CVE-2022-3115: Fixed a null pointer dereference in malidp_crtc.c caused by a lack of checks of the return value of kzalloc. (bsc#1206393)\n- CVE-2022-47520: Fixed an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet. (bsc#1206515)\n- CVE-2022-3112: Fixed a null pointer dereference caused by lacks check of the return value of kzalloc() in vdec_helpers.c:amvdec_set_canvases. (bsc#1206399)\n- CVE-2022-3564: Fixed a bug which could lead to use after free, it was found in the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. (bsc#1206073)\n- CVE-2022-4379: Fixed a use-after-free vulnerability in nfs4file.c:__nfs42_ssc_open. (bsc#1206209)\n- CVE-2022-3108: Fixed a bug in kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c where a lack of check of the return value of kmemdup() could lead to a NULL pointer dereference. (bsc#1206389)\n- CVE-2022-3104: Fixed a null pointer dereference caused by caused by a missing check of the return value of kzalloc() in bugs.c:lkdtm_ARRAY_BOUNDS. (bsc#1206396)\n- CVE-2022-3113: Fixed a null pointer dereference caused by a missing check of the return value of devm_kzalloc. (bsc#1206390)\n- CVE-2022-3107: Fixed a null pointer dereference caused by a missing check of the return value of kvmalloc_array. (bsc#1206395)\n- CVE-2022-3114: Fixed a null pointer dereference caused by a missing check of the return value of kcalloc. (bsc#1206391)\n- CVE-2022-3111: Fixed a missing release of resource after effective lifetime bug caused by a missing free of the WM8350_IRQ_CHG_FAST_RDY in wm8350_init_charger. (bsc#1206394)\n- CVE-2022-3105: Fixed a null pointer dereference caused by a missing check of the return value of kmalloc_array. (bsc#1206398)\n- CVE-2022-3106: Fixed a null pointer dereference caused by a missing check of the return value of kmalloc. (bsc#1206397)\n\nThe following non-security bugs were fixed:\n\n- acct: fix potential integer overflow in encode_comp_t() (git-fixes).\n- ACPI: resource: Skip IRQ override on Asus Vivobook K3402ZA/K3502ZA (git-fixes).\n- ACPICA: Fix error code path in acpi_ds_call_control_method() (git-fixes).\n- ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage() (git-fixes).\n- ALSA: asihpi: fix missing pci_disable_device() (git-fixes).\n- ALSA: hda/hdmi: Add HP Device 0x8711 to force connect list (git-fixes).\n- ALSA: hda/realtek: Add quirk for Lenovo TianYi510Pro-14IOB (git-fixes).\n- ALSA: hda/realtek: Apply dual codec fixup for Dell Latitude laptops (git-fixes).\n- ALSA: line6: correct midi status byte when receiving data from podxt (git-fixes).\n- ALSA: line6: fix stack overflow in line6_midi_transmit (git-fixes).\n- ALSA: mts64: fix possible null-ptr-defer in snd_mts64_interrupt (git-fixes).\n- ALSA: patch_realtek: Fix Dell Inspiron Plus 16 (git-fixes).\n- ALSA: pcm: fix undefined behavior in bit shift for SNDRV_PCM_RATE_KNOT (git-fixes).\n- ALSA: pcm: Set missing stop_operating flag at undoing trigger start (git-fixes).\n- ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event (git-fixes).\n- ALSA: seq: fix undefined behavior in bit shift for SNDRV_SEQ_FILTER_USE_EVENT (git-fixes).\n- ALSA: usb-audio: add the quirk for KT0206 device (git-fixes).\n- amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table() (git-fixes).\n- apparmor: fix a memleak in multi_transaction_new() (git-fixes).\n- apparmor: Fix abi check to include v8 abi (git-fixes).\n- apparmor: fix lockdep warning when removing a namespace (git-fixes).\n- apparmor: Fix memleak in alloc_ns() (git-fixes).\n- apparmor: Use pointer to struct aa_label for lbs_cred (git-fixes).\n- ARM: 9251/1: perf: Fix stacktraces for tracepoint events in THUMB2 kernels (git-fixes).\n- ARM: 9256/1: NWFPE: avoid compiler-generated __aeabi_uldivmod (git-fixes).\n- ARM: dts: armada-370: Fix assigned-addresses for every PCIe Root Port (git-fixes).\n- ARM: dts: armada-375: Fix assigned-addresses for every PCIe Root Port (git-fixes).\n- ARM: dts: armada-38x: Fix assigned-addresses for every PCIe Root Port (git-fixes).\n- ARM: dts: armada-38x: Fix compatible string for gpios (git-fixes).\n- ARM: dts: armada-39x: Fix assigned-addresses for every PCIe Root Port (git-fixes).\n- ARM: dts: armada-39x: Fix compatible string for gpios (git-fixes).\n- ARM: dts: armada-xp: Fix assigned-addresses for every PCIe Root Port (git-fixes).\n- ARM: dts: dove: Fix assigned-addresses for every PCIe Root Port (git-fixes).\n- ARM: dts: nuvoton: Remove bogus unit addresses from fixed-partition nodes (git-fixes).\n- ARM: dts: qcom: apq8064: fix coresight compatible (git-fixes).\n- ARM: dts: rockchip: disable arm_global_timer on rk3066 and rk3188 (git-fixes).\n- ARM: dts: rockchip: fix ir-receiver node names (git-fixes).\n- ARM: dts: rockchip: fix node name for hym8563 rtc (git-fixes).\n- ARM: dts: rockchip: remove clock-frequency from rtc (git-fixes).\n- ARM: dts: rockchip: rk3188: fix lcdc1-rgb24 node name (git-fixes).\n- ARM: dts: spear600: Fix clcd interrupt (git-fixes).\n- ARM: dts: stm32: Drop stm32mp15xc.dtsi from Avenger96 (git-fixes).\n- ARM: dts: stm32: Fix AV96 WLAN regulator gpio property (git-fixes).\n- ARM: dts: turris-omnia: Add ethernet aliases (git-fixes).\n- ARM: dts: turris-omnia: Add switch port 6 node (git-fixes).\n- ARM: mmp: fix timer_read delay (git-fixes).\n- ARM: ux500: do not directly dereference __iomem (git-fixes).\n- arm64: Avoid repeated AA64MMFR1_EL1 register read on pagefault path (performance bsc#1203219).\n- arm64: dts: armada-3720-turris-mox: Add missing interrupt for RTC (git-fixes).\n- arm64: dts: mediatek: mt6797: Fix 26M oscillator unit name (git-fixes).\n- arm64: dts: mediatek: pumpkin-common: Fix devicetree warnings (git-fixes).\n- arm64: dts: mt2712-evb: Fix usb vbus regulators unit names (git-fixes).\n- arm64: dts: mt2712-evb: Fix vproc fixed regulators unit names (git-fixes).\n- arm64: dts: mt2712e: Fix unit address for pinctrl node (git-fixes).\n- arm64: dts: mt2712e: Fix unit_address_vs_reg warning for oscillators (git-fixes).\n- arm64: dts: mt6779: Fix devicetree build warnings (git-fixes).\n- arm64: dts: mt7622: drop r_smpl property from mmc node (git-fixes).\n- arm64: dts: mt8183: drop drv-type from mmc-node (git-fixes).\n- arm64: dts: mt8183: Fix Mali GPU clock (git-fixes).\n- arm64: dts: qcom: ipq6018-cp01-c1: use BLSPI1 pins (git-fixes).\n- arm64: dts: qcom: msm8916: Drop MSS fallback compatible (git-fixes).\n- arm64: dts: qcom: msm8996: Add MSM8996 Pro support (git-fixes).\n- arm64: dts: qcom: msm8996: fix GPU OPP table (git-fixes).\n- arm64: dts: qcom: msm8996: fix supported-hw in cpufreq OPP tables (git-fixes).\n- arm64: dts: qcom: sdm630: fix UART1 pin bias (git-fixes).\n- arm64: dts: qcom: sdm845-cheza: fix AP suspend pin bias (git-fixes).\n- arm64: dts: qcom: sdm845-db845c: correct SPI2 pins drive strength (git-fixes).\n- arm64: dts: qcom: sdm850-lenovo-yoga-c630: correct I2C12 pins drive strength (git-fixes).\n- arm64: dts: qcom: sm8250-sony-xperia-edo: fix touchscreen bias-disable (git-fixes).\n- arm64: dts: qcom: sm8250: correct LPASS pin pull down (git-fixes).\n- arm64: dts: qcom: sm8250: drop bogus DP PHY clock (git-fixes).\n- arm64: dts: qcom: sm8250: fix USB-DP PHY registers (git-fixes).\n- arm64: dts: rockchip: fix ir-receiver node names (git-fixes).\n- arm64: dts: rockchip: keep I2S1 disabled for GPIO function on ROCK Pi 4 series (git-fixes).\n- arm64: dts: ti: k3-am65-main: Drop dma-coherent in crypto node (git-fixes).\n- arm64: dts: ti: k3-j721e-main: Drop dma-coherent in crypto node (git-fixes).\n- ASoC: audio-graph-card: fix refcount leak of cpu_ep in __graph_for_each_link() (git-fixes).\n- ASoC: codecs: rt298: Add quirk for KBL-R RVP platform (git-fixes).\n- ASoC: cs42l51: Correct PGA Volume minimum value (git-fixes).\n- ASoC: dt-bindings: wcd9335: fix reset line polarity in example (git-fixes).\n- ASoC: fsl_micfil: explicitly clear CHnF flags (git-fixes).\n- ASoC: fsl_micfil: explicitly clear software reset bit (git-fixes).\n- ASoC: Intel: bytcr_rt5640: Add quirk for the Advantech MICA-071 tablet (git-fixes).\n- ASoC: jz4740-i2s: Handle independent FIFO flush bits (git-fixes).\n- ASoC: mediatek: mt8173-rt5650-rt5514: fix refcount leak in mt8173_rt5650_rt5514_dev_probe() (git-fixes).\n- ASoC: mediatek: mt8173: Enable IRQ when pdata is ready (git-fixes).\n- ASoC: mediatek: mt8183: fix refcount leak in mt8183_mt6358_ts3a227_max98357_dev_probe() (git-fixes).\n- ASoC: mediatek: mtk-btcvsd: Add checks for write and read of mtk_btcvsd_snd (git-fixes).\n- ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx() (git-fixes).\n- ASoC: ops: Correct bounds check for second channel on SX controls (git-fixes).\n- ASoC: pcm512x: Fix PM disable depth imbalance in pcm512x_probe (git-fixes).\n- ASoC: pxa: fix null-pointer dereference in filter() (git-fixes).\n- ASoC: qcom: Add checks for devm_kcalloc (git-fixes).\n- ASoC: rockchip: pdm: Add missing clk_disable_unprepare() in rockchip_pdm_runtime_resume() (git-fixes).\n- ASoC: rockchip: spdif: Add missing clk_disable_unprepare() in rk_spdif_runtime_resume() (git-fixes).\n- ASoC: rt5670: Remove unbalanced pm_runtime_put() (git-fixes).\n- ASoC: rt711-sdca: fix the latency time of clock stop prepare state machine transitions (git-fixes).\n- ASoC: soc-pcm: Add NULL check in BE reparenting (git-fixes).\n- ASoC: wm8962: Wait for updated value of WM8962_CLOCKING1 register (git-fixes).\n- ASoC: wm8994: Fix potential deadlock (git-fixes).\n- ata: ahci: Fix PCS quirk application for suspend (git-fixes).\n- binfmt_elf: fix documented return value for load_elf_phdrs() (git-fixes).\n- binfmt_misc: fix shift-out-of-bounds in check_special_flags (git-fixes).\n- binfmt: Fix error return code in load_elf_fdpic_binary() (git-fixes).\n- block: Do not reread partition table on exclusively open device (bsc#1190969).\n- Bluetooth: btintel: Fix missing free skb in btintel_setup_combined() (git-fixes).\n- Bluetooth: btusb: Add debug message for CSR controllers (git-fixes).\n- Bluetooth: btusb: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).\n- Bluetooth: hci_bcsp: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).\n- Bluetooth: hci_core: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).\n- Bluetooth: hci_h5: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).\n- Bluetooth: hci_ll: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).\n- Bluetooth: hci_qca: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).\n- Bluetooth: MGMT: Fix error report for ADD_EXT_ADV_PARAMS (git-fixes).\n- Bluetooth: RFCOMM: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).\n- brcmfmac: return error when getting invalid max_flowrings from dongle (git-fixes).\n- caif: fix memory leak in cfctrl_linkup_request() (git-fixes).\n- can: do not increase rx statistics when generating a CAN rx error message frame (git-fixes).\n- can: do not increase rx_bytes statistics for RTR frames (git-fixes).\n- can: kvaser_usb_leaf: Fix bogus restart events (git-fixes).\n- can: kvaser_usb_leaf: Fix wrong CAN state after stopping (git-fixes).\n- can: kvaser_usb_leaf: Set Warning state even without bus errors (git-fixes).\n- can: kvaser_usb: do not increase tx statistics when sending error message frames (git-fixes).\n- can: kvaser_usb: kvaser_usb_leaf: fix bittiming limits (git-fixes).\n- can: kvaser_usb: make use of units.h in assignment of frequency (git-fixes).\n- can: m_can: fix typo prescalar -> prescaler (git-fixes).\n- can: m_can: is_lec_err(): clean up LEC error handling (git-fixes).\n- can: mcba_usb: Fix termination command argument (git-fixes).\n- can: sja1000: fix size of OCR_MODE_MASK define (git-fixes).\n- can: tcan4x5x: Remove invalid write in clear_interrupts (git-fixes).\n- chardev: fix error handling in cdev_device_add() (git-fixes).\n- cifs: Add 'extbuf' and 'extbuflen' args to smb2_compound_op() (bsc#1193629).\n- cifs: do not block in dfs_cache_noreq_update_tgthint() (bsc#1193629).\n- cifs: do not leak -ENOMEM in smb2_open_file() (bsc#1193629).\n- cifs: do not refresh cached referrals from unactive mounts (bsc#1193629).\n- cifs: fix confusing debug message (bsc#1193629).\n- cifs: Fix kmap_local_page() unmapping (git-fixes).\n- cifs: fix missing display of three mount options (bsc#1193629).\n- cifs: fix oops during encryption (bsc#1199294).\n- cifs: fix refresh of cached referrals (bsc#1193629).\n- cifs: fix source pathname comparison of dfs supers (bsc#1193629).\n- cifs: fix various whitespace errors in headers (bsc#1193629).\n- cifs: get rid of mount options string parsing (bsc#1193629).\n- cifs: minor cleanup of some headers (bsc#1193629).\n- cifs: optimize reconnect of nested links (bsc#1193629).\n- cifs: Parse owner/group for stat in smb311 posix extensions (bsc#1193629).\n- cifs: print warning when conflicting soft vs. hard mount options specified (bsc#1193629).\n- cifs: reduce roundtrips on create/qinfo requests (bsc#1193629).\n- cifs: refresh root referrals (bsc#1193629).\n- cifs: Remove duplicated include in cifsglob.h (bsc#1193629).\n- cifs: remove unused smb3_fs_context::mount_options (bsc#1193629).\n- cifs: set correct ipc status after initial tree connect (bsc#1193629).\n- cifs: set correct status of tcon ipc when reconnecting (bsc#1193629).\n- cifs: set correct tcon status after initial tree connect (bsc#1193629).\n- cifs: set resolved ip in sockaddr (bsc#1193629).\n- cifs: share dfs connections and supers (bsc#1193629).\n- cifs: skip alloc when request has no pages (bsc#1193629).\n- cifs: split out ses and tcon retrieval from mount_get_conns() (bsc#1193629).\n- cifs: update internal module number (bsc#1193629).\n- cifs: use fs_context for automounts (bsc#1193629).\n- cifs: use origin fullpath for automounts (bsc#1193629).\n- class: fix possible memory leak in __class_register() (git-fixes).\n- clk: Fix pointer casting to prevent oops in devm_clk_release() (git-fixes).\n- clk: generalize devm_clk_get() a bit (git-fixes).\n- clk: imx: imx8mp: add shared clk gate for usb suspend clk (git-fixes).\n- clk: imx: replace osc_hdmi with dummy (git-fixes).\n- clk: nomadik: correct struct name kernel-doc warning (git-fixes).\n- clk: Provide new devm_clk helpers for prepared and enabled clocks (git-fixes).\n- clk: qcom: clk-krait: fix wrong div2 functions (git-fixes).\n- clk: qcom: gcc-sm8250: Use retention mode for USB GDSCs (git-fixes).\n- clk: qcom: lpass-sc7180: Fix pm_runtime usage (git-fixes).\n- clk: renesas: r9a06g032: Repair grave increment error (git-fixes).\n- clk: rockchip: Fix memory leak in rockchip_clk_register_pll() (git-fixes).\n- clk: samsung: Fix memory leak in _samsung_clk_register_pll() (git-fixes).\n- clk: socfpga: Fix memory leak in socfpga_gate_init() (git-fixes).\n- clk: st: Fix memory leak in st_of_quadfs_setup() (git-fixes).\n- clk: sunxi-ng: v3s: Correct the header guard of ccu-sun8i-v3s.h (git-fixes).\n- clocksource/drivers/sh_cmt: Access registers according to spec (git-fixes).\n- clocksource/drivers/timer-ti-dm: Fix missing clk_disable_unprepare in dmtimer_systimer_init_clock() (git-fixes).\n- cpufreq: ACPI: Defer setting boost MSRs (bsc#1205485).\n- cpufreq: ACPI: Only set boost MSRs on supported CPUs (bsc#1205485).\n- cpufreq: ACPI: Remove unused variables 'acpi_cpufreq_online' and 'ret' (bsc#1205485).\n- cpufreq: intel_pstate: Add Sapphire Rapids support in no-HWP mode (bsc#1201068).\n- crypto: ccree - Make cc_debugfs_global_fini() available for module init function (git-fixes).\n- crypto: ccree - Remove debugfs when platform_driver_register failed (git-fixes).\n- crypto: cryptd - Use request context instead of stack for sub-request (git-fixes).\n- crypto: hisilicon/qm - fix missing destroy qp_idr (git-fixes).\n- crypto: img-hash - Fix variable dereferenced before check 'hdev->req' (git-fixes).\n- crypto: n2 - add missing hash statesize (git-fixes).\n- crypto: nitrox - avoid double free on error path in nitrox_sriov_init() (git-fixes).\n- crypto: omap-sham - Use pm_runtime_resume_and_get() in omap_sham_probe() (git-fixes).\n- crypto: rockchip - add fallback for ahash (git-fixes).\n- crypto: rockchip - add fallback for cipher (git-fixes).\n- crypto: rockchip - better handle cipher key (git-fixes).\n- crypto: rockchip - do not do custom power management (git-fixes).\n- crypto: rockchip - do not store mode globally (git-fixes).\n- crypto: rockchip - remove non-aligned handling (git-fixes).\n- crypto: rockchip - rework by using crypto_engine (git-fixes).\n- crypto: sun8i-ss - use dma_addr instead u32 (git-fixes).\n- crypto: tcrypt - Fix multibuffer skcipher speed test mem leak (git-fixes).\n- device property: Fix documentation for fwnode_get_next_parent() (git-fixes).\n- dmaengine: idxd: Fix crc_val field for completion record (git-fixes).\n- docs/zh_CN: Fix '.. only::' directive's expression (git-fixes).\n- Documentation: devres: add missing devm_acpi_dma_controller_free() helper (git-fixes).\n- Documentation: devres: add missing MEM helper (git-fixes).\n- Documentation: devres: add missing PHY helpers (git-fixes).\n- Documentation: devres: add missing PWM helper (git-fixes).\n- drbd: destroy workqueue when drbd device was freed (git-fixes).\n- drbd: remove call to memset before free device/resource/connection (git-fixes).\n- drbd: remove usage of list iterator variable after loop (git-fixes).\n- drbd: set QUEUE_FLAG_STABLE_WRITES (git-fixes).\n- drbd: use after free in drbd_create_device() (git-fixes).\n- driver core: Fix bus_type.match() error handling in __driver_attach() (git-fixes).\n- drivers: dio: fix possible memory leak in dio_init() (git-fixes).\n- drivers: soc: ti: knav_qmss_queue: Mark knav_acc_firmwares as static (git-fixes).\n- drm: bridge: dw_hdmi: fix preference of RGB modes over YUV420 (git-fixes).\n- drm/amd/display: fix array index out of bound error in bios parser (git-fixes).\n- drm/amd/display: Manually adjust strobe for DCN303 (git-fixes).\n- drm/amd/display: prevent memory leak (git-fixes).\n- drm/amd/display: Use the largest vready_offset in pipe group (git-fixes).\n- drm/amd/pm/smu11: BACO is supported when it's in BACO state (git-fixes).\n- drm/amdgpu: fix pci device refcount leak (git-fixes).\n- drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios() (git-fixes).\n- drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback (git-fixes).\n- drm/amdgpu: Fix type of second parameter in trans_msg() callback (git-fixes).\n- drm/amdgpu: handle polaris10/11 overlap asics (v2) (git-fixes).\n- drm/amdgpu: make display pinning more flexible (v2) (git-fixes).\n- drm/amdgpu/powerplay/psm: Fix memory leak in power state init (git-fixes).\n- drm/amdgpu/sdma_v4_0: turn off SDMA ring buffer in the s2idle suspend (git-fixes).\n- drm/amdkfd: Fix memory leakage (git-fixes).\n- drm/bridge: adv7533: remove dynamic lane switching from adv7533 bridge (git-fixes).\n- drm/bridge: anx7625: Fix edid_read break case in sp_tx_edid_read() (git-fixes).\n- drm/bridge: ti-sn65dsi86: Fix output polarity setting bug (git-fixes).\n- drm/connector: send hotplug uevent on connector cleanup (git-fixes).\n- drm/edid: Fix minimum bpc supported with DSC1.2 for HDMI sink (git-fixes).\n- drm/etnaviv: add missing quirks for GC300 (git-fixes).\n- drm/etnaviv: do not truncate physical page address (git-fixes).\n- drm/fourcc: Add packed 10bit YUV 4:2:0 format (git-fixes).\n- drm/fourcc: Fix vsub/hsub for Q410 and Q401 (git-fixes).\n- drm/fsl-dcu: Fix return type of fsl_dcu_drm_connector_mode_valid() (git-fixes).\n- drm/i915: Fix documentation for intel_uncore_forcewake_put__locked (git-fixes).\n- drm/i915: remove circ_buf.h includes (git-fixes).\n- drm/i915: unpin on error in intel_vgpu_shadow_mm_pin() (git-fixes).\n- drm/i915/display: Do not disable DDI/Transcoder when setting phy test pattern (git-fixes).\n- drm/i915/dsi: fix VBT send packet port selection for dual link DSI (git-fixes).\n- drm/i915/gvt: fix gvt debugfs destroy (git-fixes).\n- drm/i915/gvt: fix vgpu debugfs clean in remove (git-fixes).\n- drm/i915/migrate: do not check the scratch page (git-fixes).\n- drm/i915/migrate: fix length calculation (git-fixes).\n- drm/i915/migrate: fix offset calculation (git-fixes).\n- drm/i915/ttm: never purge busy objects (git-fixes).\n- drm/imx: ipuv3-plane: Fix overlay plane width (git-fixes).\n- drm/ingenic: Fix missing platform_driver_unregister() call in ingenic_drm_init() (git-fixes).\n- drm/mediatek: Fix return type of mtk_hdmi_bridge_mode_valid() (git-fixes).\n- drm/mediatek: Modify dpi power on/off sequence (git-fixes).\n- drm/meson: Reduce the FIFO lines held when AFBC is not used (git-fixes).\n- drm/msm: Use drm_mode_copy() (git-fixes).\n- drm/panel/panel-sitronix-st7701: Remove panel on DSI attach failure (git-fixes).\n- drm/panfrost: Fix GEM handle creation ref-counting (git-fixes).\n- drm/radeon: Add the missed acpi_put_table() to fix memory leak (git-fixes).\n- drm/radeon: Fix PCI device refcount leak in radeon_atrm_get_bios() (git-fixes).\n- drm/rockchip: lvds: fix PM usage counter unbalance in poweron (git-fixes).\n- drm/rockchip: Use drm_mode_copy() (git-fixes).\n- drm/shmem-helper: Avoid vm_open error paths (git-fixes).\n- drm/shmem-helper: Remove errant put in error path (git-fixes).\n- drm/sti: Fix return type of sti_{dvo,hda,hdmi}_connector_mode_valid() (git-fixes).\n- drm/sti: Use drm_mode_copy() (git-fixes).\n- drm/tegra: Add missing clk_disable_unprepare() in tegra_dc_probe() (git-fixes).\n- drm/vmwgfx: Do not use screen objects when SEV is active (git-fixes).\n- drm/vmwgfx: Fix a sparse warning in kernel docs (git-fixes).\n- drm/vmwgfx: Validate the box size for the snooped cursor (git-fixes).\n- Drop FIPS mode DRBG->getrandom(2) wire-up (bsc#1191259)\n- dt-bindings: clock: qcom,aoncc-sm8250: fix compatible (git-fixes).\n- dt-bindings: clocks: imx8mp: Add ID for usb suspend clock (git-fixes).\n- dt-bindings: display: sun6i-dsi: Fix clock conditional (git-fixes).\n- dt-bindings: gpio: gpio-davinci: Increase maxItems in gpio-line-names (git-fixes).\n- dt-bindings: net: sun8i-emac: Add phy-supply property (git-fixes).\n- EDAC/mc_sysfs: Increase legacy channel support to 12 (bsc#1205263).\n- efi: Add iMac Pro 2017 to uefi skip cert quirk (git-fixes).\n- ext4: avoid BUG_ON when creating xattrs (bsc#1205496).\n- extcon: usbc-tusb320: Add support for mode setting and reset (git-fixes).\n- extcon: usbc-tusb320: Add support for TUSB320L (git-fixes).\n- extcon: usbc-tusb320: Factor out extcon into dedicated functions (git-fixes).\n- fbcon: Use kzalloc() in fbcon_prepare_logo() (git-fixes).\n- fbdev: fbcon: release buffer when fbcon_do_set_font() failed (git-fixes).\n- fbdev: geode: do not build on UML (git-fixes).\n- fbdev: matroxfb: G200eW: Increase max memory from 1 MB to 16 MB (git-fixes).\n- fbdev: pm2fb: fix missing pci_disable_device() (git-fixes).\n- fbdev: smscufx: Fix several use-after-free bugs (git-fixes).\n- fbdev: ssd1307fb: Drop optional dependency (git-fixes).\n- fbdev: uvesafb: do not build on UML (git-fixes).\n- fbdev: uvesafb: Fixes an error handling path in uvesafb_probe() (git-fixes).\n- fbdev: vermilion: decrease reference count in error path (git-fixes).\n- fbdev: via: Fix error in via_core_init() (git-fixes).\n- firmware: raspberrypi: fix possible memory leak in rpi_firmware_probe() (git-fixes).\n- floppy: Fix memory leak in do_floppy_init() (git-fixes).\n- fuse: lock inode unconditionally in fuse_fallocate() (bsc#1206273).\n- gpio: sifive: Fix refcount leak in sifive_gpio_probe (git-fixes).\n- gpiolib: cdev: fix NULL-pointer dereferences (git-fixes).\n- gpiolib: check the 'ngpios' property in core gpiolib code (git-fixes).\n- gpiolib: fix memory leak in gpiochip_setup_dev() (git-fixes).\n- gpiolib: Get rid of redundant 'else' (git-fixes).\n- gpiolib: improve coding style for local variables (git-fixes).\n- gpiolib: make struct comments into real kernel docs (git-fixes).\n- hamradio: baycom_epp: Fix return type of baycom_send_packet() (git-fixes).\n- hamradio: do not call dev_kfree_skb() under spin_lock_irqsave() (git-fixes).\n- HID: hid-sensor-custom: set fixed size for custom attributes (git-fixes).\n- HID: ite: Enable QUIRK_TOUCHPAD_ON_OFF_REPORT on Acer Aspire Switch V 10 (git-fixes).\n- HID: mcp2221: do not connect hidraw (git-fixes).\n- HID: multitouch: fix Asus ExpertBook P2 P2451FA trackpoint (git-fixes).\n- HID: plantronics: Additional PIDs for double volume key presses quirk (git-fixes).\n- HID: uclogic: Add HID_QUIRK_HIDINPUT_FORCE quirk (git-fixes).\n- HID: usbhid: Add ALWAYS_POLL quirk for some mice (git-fixes).\n- HID: wacom: Ensure bootloader PID is usable in hidraw mode (git-fixes).\n- HSI: omap_ssi_core: Fix error handling in ssi_init() (git-fixes).\n- HSI: omap_ssi_core: fix possible memory leak in ssi_probe() (git-fixes).\n- HSI: omap_ssi_core: fix unbalanced pm_runtime_disable() (git-fixes).\n- hwmon: (jc42) Convert register access and caching to regmap/regcache (git-fixes).\n- hwmon: (jc42) Fix missing unlock on error in jc42_write() (git-fixes).\n- hwmon: (jc42) Restore the min/max/critical temperatures on resume (git-fixes).\n- hwrng: amd - Fix PCI device refcount leak (git-fixes).\n- i2c: ismt: Fix an out-of-bounds bug in ismt_access() (git-fixes).\n- i2c: mux: reg: check return value after calling platform_get_resource() (git-fixes).\n- i2c: pxa-pci: fix missing pci_disable_device() on error in ce4100_i2c_probe (git-fixes).\n- IB/IPoIB: Fix queue count inconsistency for PKEY child interfaces (git-fixes)\n- ibmveth: Always stop tx queues during close (bsc#1065729).\n- iio: adc: ad_sigma_delta: do not use internal iio_dev lock (git-fixes).\n- iio: adc128s052: add proper .data members in adc128_of_match table (git-fixes).\n- iio: fix memory leak in iio_device_register_eventset() (git-fixes).\n- iio: temperature: ltc2983: make bulk write buffer DMA-safe (git-fixes).\n- ima: Fix a potential NULL pointer access in ima_restore_measurement_list (git-fixes).\n- Input: elants_i2c - properly handle the reset GPIO when power is off (git-fixes).\n- Input: joystick - fix Kconfig warning for JOYSTICK_ADC (git-fixes).\n- Input: wistron_btns - disable on UML (git-fixes).\n- integrity: Fix memory leakage in keyring allocation error path (git-fixes).\n- ipmi: fix long wait in unload when IPMI disconnect (git-fixes).\n- ipmi: fix memleak when unload ipmi driver (git-fixes).\n- ipmi: fix use after free in _ipmi_destroy_user() (git-fixes).\n- ipmi: kcs: Poll OBF briefly to reduce OBE latency (git-fixes).\n- ipu3-imgu: Fix NULL pointer dereference in imgu_subdev_set_selection() (git-fixes).\n- kABI: reintroduce a non-inline usleep_range (git-fixes).\n- lib/debugobjects: fix stat count and optimize debug_objects_mem_init (git-fixes).\n- lib/fonts: fix undefined behavior in bit shift for get_default_font (git-fixes).\n- mailbox: arm_mhuv2: Fix return value check in mhuv2_probe() (git-fixes).\n- mailbox: mpfs: read the system controller's status (git-fixes).\n- mailbox: zynq-ipi: fix error handling while device_register() fails (git-fixes).\n- media: adv748x: afe: Select input port when initializing AFE (git-fixes).\n- media: camss: Clean up received buffers on failed start of streaming (git-fixes).\n- media: dvb-core: Fix double free in dvb_register_device() (git-fixes).\n- media: dvb-core: Fix ignored return value in dvb_register_frontend() (git-fixes).\n- media: dvb-frontends: fix leak of memory fw (git-fixes).\n- media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() (git-fixes).\n- media: dvb-usb: fix memory leak in dvb_usb_adapter_init() (git-fixes).\n- media: i2c: ad5820: Fix error path (git-fixes).\n- media: imon: fix a race condition in send_packet() (git-fixes).\n- media: saa7164: fix missing pci_disable_device() (git-fixes).\n- media: si470x: Fix use-after-free in si470x_int_in_callback() (git-fixes).\n- media: solo6x10: fix possible memory leak in solo_sysfs_init() (git-fixes).\n- media: stv0288: use explicitly signed char (git-fixes).\n- media: v4l2-ctrls: Fix off-by-one error in integer menu control check (git-fixes).\n- media: v4l2-dv-timings.c: fix too strict blanking sanity checks (git-fixes).\n- media: videobuf-dma-contig: use dma_mmap_coherent (git-fixes).\n- media: vidtv: Fix use-after-free in vidtv_bridge_dvb_init() (git-fixes).\n- media: vimc: Fix wrong function called when vimc_init() fails (git-fixes).\n- media: vivid: fix compose size exceed boundary (git-fixes).\n- memcg, kmem: further deprecate kmem.limit_in_bytes (bsc#1206896).\n- memcg: Fix possible use-after-free in memcg_write_event_control() (bsc#1206344).\n- mfd: bd957x: Fix Kconfig dependency on REGMAP_IRQ (git-fixes).\n- mfd: mt6360: Add bounds checking in Regmap read/write call-backs (git-fixes).\n- mfd: pm8008: Fix return value check in pm8008_probe() (git-fixes).\n- mfd: pm8008: Remove driver data structure pm8008_data (git-fixes).\n- mfd: qcom_rpm: Fix an error handling path in qcom_rpm_probe() (git-fixes).\n- mfd: qcom_rpm: Use devm_of_platform_populate() to simplify code (git-fixes).\n- misc: ocxl: fix possible name leak in ocxl_file_register_afu() (git-fixes).\n- misc: tifm: fix possible memory leak in tifm_7xx1_switch_media() (git-fixes).\n- mISDN: hfcmulti: do not call dev_kfree_skb/kfree_skb() under spin_lock_irqsave() (git-fixes).\n- mISDN: hfcpci: do not call dev_kfree_skb/kfree_skb() under spin_lock_irqsave() (git-fixes).\n- mISDN: hfcsusb: do not call dev_kfree_skb/kfree_skb() under spin_lock_irqsave() (git-fixes).\n- mm: fix race between MADV_FREE reclaim and blkdev direct IO read (bsc#1204989,bsc#1205601).\n- mm/mempolicy: fix memory leak in set_mempolicy_home_node system call (bsc#1206468).\n- mmc: alcor: fix return value check of mmc_add_host() (git-fixes).\n- mmc: atmel-mci: fix return value check of mmc_add_host() (git-fixes).\n- mmc: core: Normalize the error handling branch in sd_read_ext_regs() (git-fixes).\n- mmc: f-sdh30: Add quirks for broken timeout clock capability (git-fixes).\n- mmc: meson-gx: fix return value check of mmc_add_host() (git-fixes).\n- mmc: mmci: fix return value check of mmc_add_host() (git-fixes).\n- mmc: moxart: fix return value check of mmc_add_host() (git-fixes).\n- mmc: mtk-sd: Fix missing clk_disable_unprepare in msdc_of_clock_parse() (git-fixes).\n- mmc: mxcmmc: fix return value check of mmc_add_host() (git-fixes).\n- mmc: omap_hsmmc: fix return value check of mmc_add_host() (git-fixes).\n- mmc: pxamci: fix return value check of mmc_add_host() (git-fixes).\n- mmc: renesas_sdhi: alway populate SCC pointer (git-fixes).\n- mmc: renesas_sdhi: better reset from HS400 mode (git-fixes).\n- mmc: rtsx_pci: fix return value check of mmc_add_host() (git-fixes).\n- mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host() (git-fixes).\n- mmc: sdhci-sprd: Disable CLK_AUTO when the clock is less than 400K (git-fixes).\n- mmc: toshsd: fix return value check of mmc_add_host() (git-fixes).\n- mmc: via-sdmmc: fix return value check of mmc_add_host() (git-fixes).\n- mmc: vub300: fix return value check of mmc_add_host() (git-fixes).\n- mmc: vub300: fix warning - do not call blocking ops when !TASK_RUNNING (git-fixes).\n- mmc: wbsd: fix return value check of mmc_add_host() (git-fixes).\n- mmc: wmt-sdmmc: fix return value check of mmc_add_host() (git-fixes).\n- module: change to print useful messages from elf_validity_check() (git-fixes).\n- module: fix [e_shstrndx].sh_size=0 OOB access (git-fixes).\n- mt76: stop the radar detector after leaving dfs channel (git-fixes).\n- mtd: Fix device name leak when register device failed in add_mtd_device() (git-fixes).\n- mtd: lpddr2_nvm: Fix possible null-ptr-deref (git-fixes).\n- mtd: maps: pxa2xx-flash: fix memory leak in probe (git-fixes).\n- mtd: spi-nor: Check for zero erase size in spi_nor_find_best_erase_type() (git-fixes).\n- mtd: spi-nor: Fix the number of bytes for the dummy cycles (git-fixes).\n- mtd: spi-nor: hide jedec_id sysfs attribute if not present (git-fixes).\n- net: allow retransmitting a TCP packet if original is still in queue (bsc#1188605 bsc#1187428 bsc#1206619).\n- net: mana: Fix race on per-CQ variable napi work_done (git-fixes).\n- net: phy: xgmiitorgmii: Fix refcount leak in xgmiitorgmii_probe (git-fixes).\n- net: usb: qmi_wwan: add u-blox 0x1342 composition (git-fixes).\n- net: usb: smsc95xx: fix external PHY reset (git-fixes).\n- net/mlx5: Fix mlx5_get_next_dev() peer device matching (bsc#1206536).\n- net/mlx5: Lag, filter non compatible devices (bsc#1206536).\n- netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find() (bsc#1204614).\n- nfc: Fix potential resource leaks (git-fixes).\n- nfc: pn533: Clear nfc_target before being used (git-fixes).\n- nfc: pn533: Wait for out_urb's completion in pn533_usb_send_frame() (git-fixes).\n- NFS: Handle missing attributes in OPEN reply (bsc#1203740).\n- nilfs2: fix shift-out-of-bounds due to too large exponent of block size (git-fixes).\n- nilfs2: fix shift-out-of-bounds/overflow in nilfs_sb2_bad_offset() (git-fixes).\n- octeontx2-af: Add PTP PPS Errata workaround on CN10K silicon (jsc#SLE-24682).\n- octeontx2-af: Allow mkex profile without DMAC and add L2M/L2B header extraction support (jsc#SLE-24682).\n- octeontx2-af: Do not reset previous pfc config (jsc#SLE-24682).\n- octeontx2-af: fix operand size in bitwise operation (jsc#SLE-24682).\n- octeontx2-af: Initialize PTP_SEC_ROLLOVER register properly (jsc#SLE-24682).\n- octeontx2-af: Limit link bringup time at firmware (jsc#SLE-24682).\n- octeontx2-af: return correct ptp timestamp for CN10K silicon (jsc#SLE-24682).\n- octeontx2-af: Set NIX link credits based on max LMAC (jsc#SLE-24682).\n- octeontx2-af: Skip CGX/RPM probe incase of zero lmac count (jsc#SLE-24682).\n- octeontx2-pf: Add egress PFC support (jsc#SLE-24682).\n- octeontx2-pf: Add support for ptp 1-step mode on CN10K silicon (jsc#SLE-24682).\n- octeontx2-pf: Fix lmtst ID used in aura free (jsc#SLE-24682).\n- octeontx2-pf: Fix pfc_alloc_status array overflow (jsc#SLE-24682).\n- octeontx2-pf: Fix SQE threshold checking (jsc#SLE-24682).\n- octeontx2-pf: Fix unused variable build error (jsc#SLE-24682).\n- octeontx2-pf: NIX TX overwrites SQ_CTX_HW_S[SQ_INT] (jsc#SLE-24682).\n- octeontx2-pf: Reduce minimum mtu size to 60 (jsc#SLE-24682).\n- octeontx2: Modify mbox request and response structures (jsc#SLE-24682).\n- padata: Fix list iterator in padata_do_serial() (git-fixes).\n- PCI: Check for alloc failure in pci_request_irq() (git-fixes).\n- PCI: dwc: Fix n_fts[] array overrun (git-fixes).\n- PCI: Fix pci_device_is_present() for VFs by checking PF (git-fixes).\n- PCI: pci-epf-test: Register notifier if only core_init_notifier is enabled (git-fixes).\n- PCI: vmd: Disable MSI remapping after suspend (git-fixes).\n- PCI/sysfs: Fix double free in error path (git-fixes).\n- phy: usb: s2 WoL wakeup_count not incremented for USB->Eth devices (git-fixes).\n- pinctrl: k210: call of_node_put() (git-fixes).\n- pinctrl: meditatek: Startup with the IRQs disabled (git-fixes).\n- pinctrl: pinconf-generic: add missing of_node_put() (git-fixes).\n- platform/chrome: cros_ec_typec: Cleanup switch handle return paths (git-fixes).\n- platform/chrome: cros_usbpd_notify: Fix error handling in cros_usbpd_notify_init() (git-fixes).\n- platform/mellanox: mlxbf-pmc: Fix event typo (git-fixes).\n- platform/x86: huawei-wmi: fix return value calculation (git-fixes).\n- platform/x86: intel_scu_ipc: fix possible name leak in __intel_scu_ipc_register() (git-fixes).\n- platform/x86: mxm-wmi: fix memleak in mxm_wmi_call_mx[ds|mx]() (git-fixes).\n- PM: hibernate: Fix mistake in kerneldoc comment (git-fixes).\n- PM: runtime: Do not call __rpm_callback() from rpm_idle() (git-fixes).\n- PNP: fix name memory leak in pnp_alloc_dev() (git-fixes).\n- power: supply: ab8500: Fix error handling in ab8500_charger_init() (git-fixes).\n- power: supply: fix null pointer dereferencing in power_supply_get_battery_info (git-fixes).\n- power: supply: fix residue sysfs file in error handle route of __power_supply_register() (git-fixes).\n- power: supply: z2_battery: Fix possible memleak in z2_batt_probe() (git-fixes).\n- powerpc: export the CPU node count (bsc#1207016 ltc#201108).\n- powerpc: Take in account addition CPU node when building kexec FDT (bsc#1207016 ltc#201108).\n- powerpc/64: Init jump labels before parse_early_param() (bsc#1065729).\n- powerpc/pci: Fix get_phb_number() locking (bsc#1065729).\n- powerpc/perf: callchain validate kernel stack pointer bounds (bsc#1065729).\n- powerpc/powernv: add missing of_node_put (bsc#1065729).\n- powerpc/pseries: unregister VPA when hot unplugging a CPU (bsc#1205695 ltc#200603).\n- powerpc/pseries/eeh: use correct API for error log size (bsc#1065729).\n- powerpc/xive: add missing iounmap() in error path in xive_spapr_populate_irq_data() (git-fixes).\n- powerpc/xive/spapr: correct bitmap allocation size (git-fixes).\n- proc: fixup uptime selftest (git-fixes).\n- pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP (git-fixes).\n- pstore: Make sure CONFIG_PSTORE_PMSG selects CONFIG_RT_MUTEXES (git-fixes).\n- pstore: Properly assign mem_type property (git-fixes).\n- pstore: Switch pmsg_lock to an rt_mutex to avoid priority inversion (git-fixes).\n- pstore/ram: Fix error return code in ramoops_probe() (git-fixes).\n- pstore/zone: Use GFP_ATOMIC to allocate zone buffer (git-fixes).\n- pwm: lpc18xx-sct: Fix a comment to match code (git-fixes).\n- pwm: mediatek: always use bus clock for PWM on MT7622 (git-fixes).\n- pwm: sifive: Call pwm_sifive_update_clock() while mutex is held (git-fixes).\n- pwm: tegra: Improve required rate calculation (git-fixes).\n- r6040: Fix kmemleak in probe and remove (git-fixes).\n- random: allow partial reads if later user copies fail (bsc#1204911).\n- random: check for signals every PAGE_SIZE chunk of /dev/random (bsc#1204911).\n- random: convert to using fops->read_iter() (bsc#1204911).\n- random: convert to using fops->write_iter() (bsc#1204911).\n- random: remove outdated INT_MAX >> 6 check in urandom_read() (bsc#1204911).\n- random: zero buffer after reading entropy from userspace (bsc#1204911).\n- RDMA: Disable IB HW for UML (git-fixes)\n- RDMA/core: Fix order of nldev_exit call (git-fixes)\n- RDMA/core: Make sure 'ib_port' is valid when access sysfs node (git-fixes)\n- RDMA/efa: Add EFA 0xefa2 PCI ID (git-fixes)\n- RDMA/hfi: Decrease PCI device reference count in error path (git-fixes)\n- RDMA/hfi1: Fix error return code in parse_platform_config() (git-fixes)\n- RDMA/hns: Fix AH attr queried by query_qp (git-fixes)\n- RDMA/hns: Fix error code of CMD (git-fixes)\n- RDMA/hns: Fix ext_sge num error when post send (git-fixes)\n- RDMA/hns: fix memory leak in hns_roce_alloc_mr() (git-fixes)\n- RDMA/hns: Fix page size cap from firmware (git-fixes)\n- RDMA/hns: Fix PBL page MTR find (git-fixes)\n- RDMA/hns: Fix XRC caps on HIP08 (git-fixes)\n- RDMA/hns: Repacing 'dseg_len' by macros in fill_ext_sge_inl_data() (git-fixes)\n- RDMA/irdma: Do not request 2-level PBLEs for CQ alloc (git-fixes)\n- RDMA/irdma: Initialize net_type before checking it (git-fixes)\n- RDMA/irdma: Report the correct link speed (git-fixes)\n- RDMA/nldev: Add checks for nla_nest_start() in fill_stat_counter_qps() (git-fixes)\n- RDMA/nldev: Fix failure to send large messages (git-fixes)\n- RDMA/nldev: Return '-EAGAIN' if the cm_id isn't from expected port (git-fixes)\n- RDMA/restrack: Release MR restrack when delete (git-fixes)\n- RDMA/rxe: Fix NULL-ptr-deref in rxe_qp_do_cleanup() when socket create failed (git-fixes)\n- RDMA/siw: Fix immediate work request flush to completion queue (git-fixes)\n- RDMA/siw: Fix pointer cast warning (git-fixes)\n- RDMA/siw: Set defined status for work completion with undefined status (git-fixes)\n- RDMA/srp: Fix error return code in srp_parse_options() (git-fixes)\n- regulator: bd718x7: Drop unnecessary info print (git-fixes).\n- regulator: core: fix deadlock on regulator enable (git-fixes).\n- regulator: core: fix module refcount leak in set_supply() (git-fixes).\n- regulator: core: fix resource leak in regulator_register() (git-fixes).\n- regulator: core: fix unbalanced of node refcount in regulator_dev_lookup() (git-fixes).\n- regulator: core: fix use_count leakage when handling boot-on (git-fixes).\n- regulator: core: use kfree_const() to free space conditionally (git-fixes).\n- regulator: qcom-labibb: Fix missing of_node_put() in qcom_labibb_regulator_probe() (git-fixes).\n- regulator: qcom-rpmh: Fix PMR735a S3 regulator spec (git-fixes).\n- regulator: slg51000: Wait after asserting CS pin (git-fixes).\n- regulator: twl6030: fix get status of twl6032 regulators (git-fixes).\n- remoteproc: core: Do pm_relax when in RPROC_OFFLINE state (git-fixes).\n- remoteproc: qcom_q6v5_pas: detach power domains on remove (git-fixes).\n- remoteproc: qcom_q6v5_pas: disable wakeup on probe fail or remove (git-fixes).\n- remoteproc: qcom_q6v5_pas: Fix missing of_node_put() in adsp_alloc_memory_region() (git-fixes).\n- remoteproc: qcom: q6v5: Fix missing clk_disable_unprepare() in q6v5_wcss_qcs404_power_on() (git-fixes).\n- remoteproc: qcom: q6v5: Fix potential null-ptr-deref in q6v5_wcss_init_mmio() (git-fixes).\n- remoteproc: sysmon: fix memory leak in qcom_add_sysmon_subdev() (git-fixes).\n- rtc: cmos: fix build on non-ACPI platforms (git-fixes).\n- rtc: cmos: Fix event handler registration ordering issue (git-fixes).\n- rtc: cmos: Fix wake alarm breakage (git-fixes).\n- rtc: ds1347: fix value written to century register (git-fixes).\n- rtc: mxc_v2: Add missing clk_disable_unprepare() (git-fixes).\n- rtc: pcf85063: fix pcf85063_clkout_control (gut-fixes).\n- rtc: pcf85063: Fix reading alarm (git-fixes).\n- rtc: pic32: Move devm_rtc_allocate_device earlier in pic32_rtc_probe() (git-fixes).\n- rtc: rtc-cmos: Do not check ACPI_FADT_LOW_POWER_S0 (git-fixes).\n- rtc: snvs: Allow a time difference on clock register read (git-fixes).\n- rtc: st-lpc: Add missing clk_disable_unprepare in st_rtc_probe() (git-fixes).\n- rtmutex: Add acquire semantics for rtmutex lock acquisition slow path (bnc#1203829).\n- s390/boot: add secure boot trailer (bsc#1205257 LTC#200451).\n- sbitmap: fix lockup while swapping (bsc#1206602).\n- sched/core: Fix comparison in sched_group_cookie_match() (git-fixes)\n- sched/core: Fix the bug that task won't enqueue into core (git-fixes)\n- sched/topology: Remove redundant variable and fix incorrect (git-fixes)\n- sched/uclamp: Fix relationship between uclamp and migration (git-fixes)\n- sched/uclamp: Make task_fits_capacity() use util_fits_cpu() (git-fixes)\n- scsi: 3w-9xxx: Avoid disabling device if failing to enable it (git-fixes).\n- scsi: advansys: Fix kernel pointer leak (git-fixes).\n- scsi: aha152x: Fix aha152x_setup() __setup handler return value (git-fixes).\n- scsi: bfa: Replace snprintf() with sysfs_emit() (git-fixes).\n- scsi: core: Fix sbitmap depth in scsi_realloc_sdev_budget_map() (git-fixes).\n- scsi: core: Fix scsi_mode_sense() buffer length handling (git-fixes).\n- scsi: core: Reallocate device's budget map on queue depth change (git-fixes).\n- scsi: core: Restrict legal sdev_state transitions via sysfs (git-fixes).\n- scsi: hisi_sas: Free irq vectors in order for v3 HW (git-fixes).\n- scsi: hisi_sas: Limit max hw sectors for v3 HW (git-fixes).\n- scsi: hisi_sas: Use managed PCI functions (git-fixes).\n- scsi: ipr: Fix missing/incorrect resource cleanup in error case (git-fixes).\n- scsi: iscsi: Add recv workqueue helpers (git-fixes).\n- scsi: iscsi: Fix harmless double shift bug (git-fixes).\n- scsi: iscsi: Fix possible memory leak when device_register() failed (git-fixes).\n- scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername() (git-fixes).\n- scsi: iscsi: kabi: add iscsi_conn_queue_work back (git-fixes).\n- scsi: iscsi: kabi: fix libiscsi new field (git-fixes).\n- scsi: iscsi: Merge suspend fields (git-fixes).\n- scsi: iscsi: Rename iscsi_conn_queue_work() (git-fixes).\n- scsi: iscsi: Run recv path from workqueue (git-fixes).\n- scsi: iscsi: Unblock session then wake up error handler (git-fixes).\n- scsi: libfc: Fix use after free in fc_exch_abts_resp() (git-fixes).\n- scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown() (git-fixes).\n- scsi: lpfc: Correct bandwidth logging during receipt of congestion sync WCQE (jsc#PED-1445).\n- scsi: lpfc: Fix crash involving race between FLOGI timeout and devloss handler (jsc#PED-1445).\n- scsi: lpfc: Fix MI capability display in cmf_info sysfs attribute (jsc#PED-1445).\n- scsi: lpfc: Fix WQ|CQ|EQ resource check (jsc#PED-1445).\n- scsi: lpfc: Remove linux/msi.h include (jsc#PED-1445).\n- scsi: lpfc: Remove redundant pointer 'lp' (jsc#PED-1445).\n- scsi: lpfc: Update lpfc version to 14.2.0.9 (jsc#PED-1445).\n- scsi: lpfc: Use memset_startat() helper (jsc#PED-1445).\n- scsi: megaraid_sas: Fix double kfree() (git-fixes).\n- scsi: megaraid_sas: Target with invalid LUN ID is deleted during scan (git-fixes).\n- scsi: megaraid: Fix error check return value of register_chrdev() (git-fixes).\n- scsi: mpi3mr: Fix memory leaks (git-fixes).\n- scsi: mpi3mr: Fix reporting of actual data transfer size (git-fixes).\n- scsi: mpi3mr: Fixes around reply request queues (git-fixes).\n- scsi: mpt3sas: Do not change DMA mask while reallocating pools (bsc#1206912,bsc#1206098).\n- scsi: mpt3sas: Fail reset operation if config request timed out (git-fixes).\n- scsi: mpt3sas: Fix out-of-bounds compiler warning (git-fixes).\n- scsi: mpt3sas: re-do lost mpt3sas DMA mask fix (bsc#1206912,bsc#1206098).\n- scsi: mpt3sas: Remove usage of dma_get_required_mask() API (bsc#1206912,bsc#1206098).\n- scsi: mvsas: Add PCI ID of RocketRaid 2640 (git-fixes).\n- scsi: mvsas: Replace snprintf() with sysfs_emit() (git-fixes).\n- scsi: myrb: Fix up null pointer access on myrb_cleanup() (git-fixes).\n- scsi: myrs: Fix crash in error case (git-fixes).\n- scsi: ncr53c8xx: Remove unused retrieve_from_waiting_list() function (git-fixes).\n- scsi: pm8001: Fix bogus FW crash for maxcpus=1 (git-fixes).\n- scsi: pm8001: Fix memory leak in pm8001_chip_fw_flash_update_req() (git-fixes).\n- scsi: pm8001: Fix pm8001_mpi_task_abort_resp() (git-fixes).\n- scsi: pm8001: Fix pm80xx_pci_mem_copy() interface (git-fixes).\n- scsi: pm8001: Fix tag leaks on error (git-fixes).\n- scsi: pm8001: Fix task leak in pm8001_send_abort_all() (git-fixes).\n- scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task (git-fixes).\n- scsi: pm8001: Fix use-after-free for aborted TMF sas_task (git-fixes).\n- scsi: pm80xx: Fix double completion for SATA devices (git-fixes).\n- scsi: pm80xx: Fix memory leak during rmmod (git-fixes).\n- scsi: pmcraid: Fix missing resource cleanup in error case (git-fixes).\n- scsi: qedf: Add stag_work to all the vports (git-fixes).\n- scsi: qedf: Change context reset messages to ratelimited (git-fixes).\n- scsi: qedf: Fix a UAF bug in __qedf_probe() (git-fixes).\n- scsi: qedf: Fix refcount issue when LOGO is received during TMF (git-fixes).\n- scsi: qla2xxx: Fix crash when I/O abort times out (jsc#PED-568).\n- scsi: qla2xxx: Fix set-but-not-used variable warnings (jsc#PED-568).\n- scsi: qla2xxx: Initialize vha->unknown_atio_[list, work] for NPIV hosts (jsc#PED-568).\n- scsi: qla2xxx: Remove duplicate of vha->iocb_work initialization (jsc#PED-568).\n- scsi: qla2xxx: Remove unused variable 'found_devs' (jsc#PED-568).\n- scsi: scsi_debug: Fix out-of-bound read in resp_readcap16() (git-fixes).\n- scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() (git-fixes).\n- scsi: scsi_debug: Fix possible UAF in sdebug_add_host_helper() (git-fixes).\n- scsi: scsi_debug: Make the READ CAPACITY response compliant with ZBC (git-fixes).\n- scsi: scsi_dh_alua: Properly handle the ALUA transitioning state (git-fixes).\n- scsi: smartpqi: Fix kdump issue when controller is locked up (git-fixes).\n- scsi: sr: Do not use GFP_DMA (git-fixes).\n- scsi: ufs: core: Fix ufshcd_probe_hba() prototype to match the definition (git-fixes).\n- scsi: ufs: Fix a kernel crash during shutdown (git-fixes).\n- scsi: ufs: Treat link loss as fatal error (git-fixes).\n- scsi: ufs: ufshcd-pltfrm: Check the return value of devm_kstrdup() (git-fixes).\n- scsi: ufs: Use generic error code in ufshcd_set_dev_pwr_mode() (git-fixes).\n- scsi: ufs: Use pm_runtime_resume_and_get() instead of pm_runtime_get_sync() (git-fixes).\n- scsi: vmw_pvscsi: Expand vcpuHint to 16 bits (git-fixes).\n- sctp: sysctl: make extra pointers netns aware (bsc#1204760).\n- selftests: devlink: fix the fd redirect in dummy_reporter_test (git-fixes).\n- selftests: set the BUILD variable to absolute path (git-fixes).\n- selftests: Use optional USERCFLAGS and USERLDFLAGS (git-fixes).\n- selftests/efivarfs: Add checking of the test return value (git-fixes).\n- selftests/ftrace: event_triggers: wait longer for test_event_enable (git-fixes).\n- selftests/powerpc: Fix resource leaks (git-fixes).\n- serial: 8250_bcm7271: Fix error handling in brcmuart_init() (git-fixes).\n- serial: amba-pl011: avoid SBSA UART accessing DMACR register (git-fixes).\n- serial: pch: Fix PCI device refcount leak in pch_request_dma() (git-fixes).\n- serial: pl011: Do not clear RX FIFO & RX interrupt in unthrottle (git-fixes).\n- serial: stm32: move dma_request_chan() before clk_prepare_enable() (git-fixes).\n- serial: sunsab: Fix error handling in sunsab_init() (git-fixes).\n- serial: tegra: Read DMA status before terminating (git-fixes).\n- soc: mediatek: pm-domains: Fix the power glitch issue (git-fixes).\n- soc: qcom: llcc: make irq truly optional (git-fixes).\n- soc: qcom: Select REMAP_MMIO for LLCC driver (git-fixes).\n- soc: ti: knav_qmss_queue: Fix PM disable depth imbalance in knav_queue_probe (git-fixes).\n- soc: ti: knav_qmss_queue: Use pm_runtime_resume_and_get instead of pm_runtime_get_sync (git-fixes).\n- soc: ti: smartreflex: Fix PM disable depth imbalance in omap_sr_probe (git-fixes).\n- soundwire: dmi-quirks: add quirk variant for LAPBC710 NUC15 (git-fixes).\n- spi: spi-gpio: Do not set MOSI as an input if not 3WIRE mode (git-fixes).\n- spi: spidev: mask SPI_CS_HIGH in SPI_IOC_RD_MODE (git-fixes).\n- spi: Update reference to struct spi_controller (git-fixes).\n- staging: media: tegra-video: fix chan->mipi value on error (git-fixes).\n- staging: media: tegra-video: fix device_node use after free (git-fixes).\n- staging: rtl8192e: Fix potential use-after-free in rtllib_rx_Monitor() (git-fixes).\n- staging: rtl8192u: Fix use after free in ieee80211_rx() (git-fixes).\n- string.h: Introduce memset_startat() for wiping trailing members and padding (jsc#PED-1445).\n- test_firmware: fix memory leak in test_firmware_init() (git-fixes).\n- thermal: core: fix some possible name leaks in error paths (git-fixes).\n- thermal: int340x: Add missing attribute for data rate base (git-fixes).\n- thermal/drivers/imx8mm_thermal: Validate temperature range (git-fixes).\n- thermal/drivers/qcom/temp-alarm: Fix inaccurate warning for gen2 (git-fixes).\n- timers: implement usleep_idle_range() (git-fixes).\n- tpm: acpi: Call acpi_put_table() to fix memory leak (git-fixes).\n- tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak (git-fixes).\n- tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak (git-fixes).\n- tpm/tpm_crb: Fix error message in __crb_relinquish_locality() (git-fixes).\n- tpm/tpm_ftpm_tee: Fix error handling in ftpm_mod_init() (git-fixes).\n- tracing: Add tracing_reset_all_online_cpus_unlocked() function (git-fixes).\n- tracing: Free buffers when a used dynamic event is removed (git-fixes).\n- tracing/doc: Fix typos on the timerlat tracer documentation (git-fixes).\n- tracing/osnoise: Fix duration type (git-fixes).\n- tty: serial: altera_uart_{r,t}x_chars() need only uart_port (git-fixes).\n- tty: serial: clean up stop-tx part in altera_uart_tx_chars() (git-fixes).\n- uio: uio_dmem_genirq: Fix deadlock between irq config and handling (git-fixes).\n- uio: uio_dmem_genirq: Fix missing unlock in irq configuration (git-fixes).\n- units: Add SI metric prefix definitions (git-fixes).\n- units: add the HZ macros (git-fixes).\n- usb: cdnsp: fix lack of ZLP for ep0 (git-fixes).\n- usb: dwc3: core: defer probe on ulpi_read_id timeout (git-fixes).\n- usb: dwc3: fix PHY disable sequence (git-fixes).\n- usb: dwc3: Fix race between dwc3_set_mode and __dwc3_set_mode (git-fixes).\n- usb: dwc3: gadget: Disable GUSB2PHYCFG.SUSPHY for End Transfer (git-fixes).\n- usb: dwc3: pci: Update PCIe device ID for USB3 controller on CPU sub-system for Raptor Lake (git-fixes).\n- usb: dwc3: qcom: fix runtime PM wakeup (git-fixes).\n- usb: gadget: uvc: Prevent buffer overflow in setup handler (git-fixes).\n- usb: gadget: uvc: Rename bmInterfaceFlags -> bmInterlaceFlags (git-fixes).\n- usb: rndis_host: Secure rndis_query check against int overflow (git-fixes).\n- usb: roles: fix of node refcount leak in usb_role_switch_is_parent() (git-fixes).\n- usb: serial: cp210x: add Kamstrup RF sniffer PIDs (git-fixes).\n- usb: serial: f81232: fix division by zero on line-speed change (git-fixes).\n- usb: serial: f81534: fix division by zero on line-speed change (git-fixes).\n- usb: serial: option: add Quectel EM05-G modem (git-fixes).\n- usb: storage: Add check for kcalloc (git-fixes).\n- usb: typec: Check for ops->exit instead of ops->enter in altmode_exit (git-fixes).\n- usb: typec: Factor out non-PD fwnode properties (git-fixes).\n- usb: typec: tcpci: fix of node refcount leak in tcpci_register_port() (git-fixes).\n- usb: typec: tipd: Cleanup resources if devm_tps6598_psy_register fails (git-fixes).\n- usb: typec: tipd: Fix spurious fwnode_handle_put in error path (git-fixes).\n- usb: ulpi: defer ulpi_register on ulpi_read_id timeout (git-fixes).\n- usb: xhci-mtk: fix leakage of shared hcd when fail to set wakeup irq (git-fixes).\n- vdpa_sim: fix possible memory leak in vdpasim_net_init() and vdpasim_blk_init() (git-fixes).\n- vdpa_sim: fix vringh initialization in vdpasim_queue_ready() (git-fixes).\n- vfio: platform: Do not pass return buffer to ACPI _RST method (git-fixes).\n- vhost: fix range used in translate_desc() (git-fixes).\n- vhost/vsock: Fix error handling in vhost_vsock_init() (git-fixes).\n- vmxnet3: correctly report csum_level for encapsulated packet (git-fixes).\n- vringh: fix range used in iotlb_translate() (git-fixes).\n- vsock: Enable y2038 safe timeval for timeout (bsc#1206101).\n- vsock: Refactor vsock_*_getsockopt to resemble sock_getsockopt (bsc#1206101).\n- wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out (git-fixes).\n- wifi: ath10k: Fix return value in ath10k_pci_init() (git-fixes).\n- wifi: ath9k: hif_usb: fix memory leak of urbs in ath9k_hif_usb_dealloc_tx_urbs() (git-fixes).\n- wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb() (git-fixes).\n- wifi: ath9k: verify the expected usb_endpoints are present (git-fixes).\n- wifi: brcmfmac: Fix error return code in brcmf_sdio_download_firmware() (git-fixes).\n- wifi: brcmfmac: Fix potential shift-out-of-bounds in brcmf_fw_alloc_request() (git-fixes).\n- wifi: cfg80211: Fix not unregister reg_pdev when load_builtin_regdb_keys() fails (git-fixes).\n- wifi: iwlwifi: mvm: fix double free on tx path (git-fixes).\n- wifi: mac80211: fix memory leak in ieee80211_if_add() (git-fixes).\n- wifi: mt76: do not run mt76u_status_worker if the device is not running (git-fixes).\n- wifi: mt76: fix coverity overrun-call in mt76_get_txpower() (git-fixes).\n- wifi: rsi: Fix handling of 802.3 EAPOL frames sent via control port (git-fixes).\n- wifi: rtl8xxxu: Add __packed to struct rtl8723bu_c2h (git-fixes).\n- wifi: rtl8xxxu: Fix the channel width reporting (git-fixes).\n- wifi: rtl8xxxu: gen2: Turn on the rate control (git-fixes).\n- wifi: rtw89: fix physts IE page check (git-fixes).\n- wifi: rtw89: Fix some error handling path in rtw89_core_sta_assoc() (git-fixes).\n- wifi: rtw89: use u32_encode_bits() to fill MAC quota value (git-fixes).\n- wifi: wilc1000: sdio: fix module autoloading (git-fixes).\n- xfrm: Fix oops in __xfrm_state_delete() (bsc#1206794).\n- xhci: Apply XHCI_RESET_TO_DEFAULT quirk to ADL-N (git-fixes).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2023-149,SUSE-SLE-Micro-5.3-2023-149,SUSE-SLE-Module-Basesystem-15-SP4-2023-149,SUSE-SLE-Module-Development-Tools-15-SP4-2023-149,SUSE-SLE-Module-Legacy-15-SP4-2023-149,SUSE-SLE-Module-Live-Patching-15-SP4-2023-149,SUSE-SLE-Product-HA-15-SP4-2023-149,SUSE-SLE-Product-WE-15-SP4-2023-149,openSUSE-Leap-Micro-5.3-2023-149,openSUSE-SLE-15.4-2023-149", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_0149-1.json", }, { category: "self", summary: "URL for SUSE-SU-2023:0149-1", url: "https://www.suse.com/support/update/announcement/2023/suse-su-20230149-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2023:0149-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-January/013529.html", }, { category: "self", summary: "SUSE Bug 1065729", url: "https://bugzilla.suse.com/1065729", }, { category: "self", summary: "SUSE Bug 1187428", url: "https://bugzilla.suse.com/1187428", }, { category: "self", summary: "SUSE Bug 1188605", url: "https://bugzilla.suse.com/1188605", }, { category: "self", summary: "SUSE Bug 1190969", url: "https://bugzilla.suse.com/1190969", }, { category: "self", summary: "SUSE Bug 1191259", url: "https://bugzilla.suse.com/1191259", }, { category: "self", summary: "SUSE Bug 1193629", url: "https://bugzilla.suse.com/1193629", }, { category: "self", summary: "SUSE Bug 1199294", url: "https://bugzilla.suse.com/1199294", }, { category: "self", summary: "SUSE Bug 1201068", url: "https://bugzilla.suse.com/1201068", }, { category: "self", summary: "SUSE Bug 1203219", url: "https://bugzilla.suse.com/1203219", }, { category: "self", summary: "SUSE Bug 1203740", url: "https://bugzilla.suse.com/1203740", }, { category: "self", summary: "SUSE Bug 1203829", url: "https://bugzilla.suse.com/1203829", }, { category: "self", summary: "SUSE Bug 1204614", url: "https://bugzilla.suse.com/1204614", }, { category: "self", summary: "SUSE Bug 1204652", url: "https://bugzilla.suse.com/1204652", }, { category: "self", summary: "SUSE Bug 1204760", url: "https://bugzilla.suse.com/1204760", }, { category: "self", summary: "SUSE Bug 1204911", url: "https://bugzilla.suse.com/1204911", }, { category: "self", summary: "SUSE Bug 1204989", url: "https://bugzilla.suse.com/1204989", }, { category: "self", summary: "SUSE Bug 1205257", url: "https://bugzilla.suse.com/1205257", }, { category: "self", summary: "SUSE Bug 1205263", url: "https://bugzilla.suse.com/1205263", }, { category: "self", summary: "SUSE Bug 1205485", url: "https://bugzilla.suse.com/1205485", }, { category: "self", summary: "SUSE Bug 1205496", url: "https://bugzilla.suse.com/1205496", }, { category: "self", summary: "SUSE Bug 1205601", url: "https://bugzilla.suse.com/1205601", }, { category: "self", summary: "SUSE Bug 1205695", url: "https://bugzilla.suse.com/1205695", }, { category: "self", summary: "SUSE Bug 1206073", url: "https://bugzilla.suse.com/1206073", }, { category: "self", summary: "SUSE Bug 1206098", url: "https://bugzilla.suse.com/1206098", }, { category: "self", summary: "SUSE Bug 1206101", url: "https://bugzilla.suse.com/1206101", }, { category: "self", summary: "SUSE Bug 1206188", url: "https://bugzilla.suse.com/1206188", }, { category: "self", summary: "SUSE Bug 1206209", url: "https://bugzilla.suse.com/1206209", }, { category: "self", summary: "SUSE Bug 1206273", url: "https://bugzilla.suse.com/1206273", }, { category: "self", summary: "SUSE Bug 1206344", url: "https://bugzilla.suse.com/1206344", }, { category: "self", summary: "SUSE Bug 1206389", url: "https://bugzilla.suse.com/1206389", }, { category: "self", summary: "SUSE Bug 1206390", url: "https://bugzilla.suse.com/1206390", }, { category: "self", summary: "SUSE Bug 1206391", url: "https://bugzilla.suse.com/1206391", }, { category: "self", summary: "SUSE Bug 1206393", url: "https://bugzilla.suse.com/1206393", }, { category: "self", summary: "SUSE Bug 1206394", url: "https://bugzilla.suse.com/1206394", }, { category: "self", summary: "SUSE Bug 1206395", url: "https://bugzilla.suse.com/1206395", }, { category: "self", summary: "SUSE Bug 1206396", url: "https://bugzilla.suse.com/1206396", }, { category: "self", summary: "SUSE Bug 1206397", url: "https://bugzilla.suse.com/1206397", }, { category: "self", summary: "SUSE Bug 1206398", url: "https://bugzilla.suse.com/1206398", }, { category: "self", summary: "SUSE Bug 1206399", url: "https://bugzilla.suse.com/1206399", }, { category: "self", summary: "SUSE Bug 1206456", url: "https://bugzilla.suse.com/1206456", }, { category: "self", summary: "SUSE Bug 1206468", url: "https://bugzilla.suse.com/1206468", }, { category: "self", summary: "SUSE Bug 1206515", url: "https://bugzilla.suse.com/1206515", }, { category: "self", summary: "SUSE Bug 1206536", url: "https://bugzilla.suse.com/1206536", }, { category: "self", summary: "SUSE Bug 1206554", url: "https://bugzilla.suse.com/1206554", }, { category: "self", summary: "SUSE Bug 1206602", url: "https://bugzilla.suse.com/1206602", }, { category: "self", summary: "SUSE Bug 1206619", url: "https://bugzilla.suse.com/1206619", }, { category: "self", summary: "SUSE Bug 1206664", url: "https://bugzilla.suse.com/1206664", }, { category: "self", summary: "SUSE Bug 1206703", url: "https://bugzilla.suse.com/1206703", }, { category: "self", summary: "SUSE Bug 1206794", url: "https://bugzilla.suse.com/1206794", }, { category: "self", summary: "SUSE Bug 1206896", url: "https://bugzilla.suse.com/1206896", }, { category: "self", summary: "SUSE Bug 1206912", url: "https://bugzilla.suse.com/1206912", }, { category: "self", summary: "SUSE Bug 1207016", url: "https://bugzilla.suse.com/1207016", }, { category: "self", summary: "SUSE CVE CVE-2022-3104 page", url: "https://www.suse.com/security/cve/CVE-2022-3104/", }, { category: "self", summary: "SUSE CVE CVE-2022-3105 page", url: "https://www.suse.com/security/cve/CVE-2022-3105/", }, { category: "self", summary: "SUSE CVE CVE-2022-3106 page", url: "https://www.suse.com/security/cve/CVE-2022-3106/", }, { category: "self", summary: "SUSE CVE CVE-2022-3107 page", url: "https://www.suse.com/security/cve/CVE-2022-3107/", }, { category: "self", summary: "SUSE CVE CVE-2022-3108 page", url: "https://www.suse.com/security/cve/CVE-2022-3108/", }, { category: "self", summary: "SUSE CVE CVE-2022-3111 page", url: "https://www.suse.com/security/cve/CVE-2022-3111/", }, { category: "self", summary: "SUSE CVE CVE-2022-3112 page", url: "https://www.suse.com/security/cve/CVE-2022-3112/", }, { category: "self", summary: "SUSE CVE CVE-2022-3113 page", url: "https://www.suse.com/security/cve/CVE-2022-3113/", }, { category: "self", summary: "SUSE CVE CVE-2022-3114 page", url: "https://www.suse.com/security/cve/CVE-2022-3114/", }, { category: "self", summary: "SUSE CVE CVE-2022-3115 page", url: "https://www.suse.com/security/cve/CVE-2022-3115/", }, { category: "self", summary: "SUSE CVE CVE-2022-3344 page", url: "https://www.suse.com/security/cve/CVE-2022-3344/", }, { category: "self", summary: "SUSE CVE CVE-2022-3564 page", url: "https://www.suse.com/security/cve/CVE-2022-3564/", }, { category: "self", summary: "SUSE CVE CVE-2022-4379 page", url: "https://www.suse.com/security/cve/CVE-2022-4379/", }, { category: "self", summary: "SUSE CVE CVE-2022-4662 page", url: "https://www.suse.com/security/cve/CVE-2022-4662/", }, { category: "self", summary: "SUSE CVE CVE-2022-47520 page", url: "https://www.suse.com/security/cve/CVE-2022-47520/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2023-01-26T09:18:49Z", generator: { date: "2023-01-26T09:18:49Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2023:0149-1", initial_release_date: "2023-01-26T09:18:49Z", revision_history: [ { date: "2023-01-26T09:18:49Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", product: { name: "cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", product_id: "cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", product: { name: "cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", product_id: "cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", product: { name: "dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", product_id: "dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", product: { name: "dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", product_id: "dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "dtb-allwinner-5.14.21-150400.24.41.1.aarch64", product: { name: "dtb-allwinner-5.14.21-150400.24.41.1.aarch64", product_id: "dtb-allwinner-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "dtb-altera-5.14.21-150400.24.41.1.aarch64", product: { name: "dtb-altera-5.14.21-150400.24.41.1.aarch64", product_id: "dtb-altera-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "dtb-amazon-5.14.21-150400.24.41.1.aarch64", product: { name: "dtb-amazon-5.14.21-150400.24.41.1.aarch64", product_id: "dtb-amazon-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "dtb-amd-5.14.21-150400.24.41.1.aarch64", product: { name: "dtb-amd-5.14.21-150400.24.41.1.aarch64", product_id: "dtb-amd-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "dtb-amlogic-5.14.21-150400.24.41.1.aarch64", product: { name: "dtb-amlogic-5.14.21-150400.24.41.1.aarch64", product_id: "dtb-amlogic-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "dtb-apm-5.14.21-150400.24.41.1.aarch64", product: { name: "dtb-apm-5.14.21-150400.24.41.1.aarch64", product_id: "dtb-apm-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "dtb-apple-5.14.21-150400.24.41.1.aarch64", product: { name: "dtb-apple-5.14.21-150400.24.41.1.aarch64", product_id: "dtb-apple-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "dtb-arm-5.14.21-150400.24.41.1.aarch64", product: { name: "dtb-arm-5.14.21-150400.24.41.1.aarch64", product_id: "dtb-arm-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "dtb-broadcom-5.14.21-150400.24.41.1.aarch64", product: { name: "dtb-broadcom-5.14.21-150400.24.41.1.aarch64", product_id: "dtb-broadcom-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "dtb-cavium-5.14.21-150400.24.41.1.aarch64", product: { name: "dtb-cavium-5.14.21-150400.24.41.1.aarch64", product_id: "dtb-cavium-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "dtb-exynos-5.14.21-150400.24.41.1.aarch64", product: { name: "dtb-exynos-5.14.21-150400.24.41.1.aarch64", product_id: "dtb-exynos-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "dtb-freescale-5.14.21-150400.24.41.1.aarch64", product: { name: "dtb-freescale-5.14.21-150400.24.41.1.aarch64", product_id: "dtb-freescale-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", product: { name: "dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", product_id: "dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "dtb-lg-5.14.21-150400.24.41.1.aarch64", product: { name: "dtb-lg-5.14.21-150400.24.41.1.aarch64", product_id: "dtb-lg-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "dtb-marvell-5.14.21-150400.24.41.1.aarch64", product: { name: "dtb-marvell-5.14.21-150400.24.41.1.aarch64", product_id: "dtb-marvell-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "dtb-mediatek-5.14.21-150400.24.41.1.aarch64", product: { name: "dtb-mediatek-5.14.21-150400.24.41.1.aarch64", product_id: "dtb-mediatek-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "dtb-nvidia-5.14.21-150400.24.41.1.aarch64", product: { name: "dtb-nvidia-5.14.21-150400.24.41.1.aarch64", product_id: "dtb-nvidia-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "dtb-qcom-5.14.21-150400.24.41.1.aarch64", product: { name: "dtb-qcom-5.14.21-150400.24.41.1.aarch64", product_id: "dtb-qcom-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "dtb-renesas-5.14.21-150400.24.41.1.aarch64", product: { name: "dtb-renesas-5.14.21-150400.24.41.1.aarch64", product_id: "dtb-renesas-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "dtb-rockchip-5.14.21-150400.24.41.1.aarch64", product: { name: "dtb-rockchip-5.14.21-150400.24.41.1.aarch64", product_id: "dtb-rockchip-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "dtb-socionext-5.14.21-150400.24.41.1.aarch64", product: { name: "dtb-socionext-5.14.21-150400.24.41.1.aarch64", product_id: "dtb-socionext-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "dtb-sprd-5.14.21-150400.24.41.1.aarch64", product: { name: "dtb-sprd-5.14.21-150400.24.41.1.aarch64", product_id: "dtb-sprd-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "dtb-xilinx-5.14.21-150400.24.41.1.aarch64", product: { name: "dtb-xilinx-5.14.21-150400.24.41.1.aarch64", product_id: "dtb-xilinx-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", product: { name: "gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", product_id: "gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", product: { name: "gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", product_id: "gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "kernel-64kb-5.14.21-150400.24.41.1.aarch64", product: { name: "kernel-64kb-5.14.21-150400.24.41.1.aarch64", product_id: "kernel-64kb-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", product: { name: "kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", product_id: "kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", product: { name: "kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", product_id: "kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", product: { name: "kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", product_id: "kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", product: { name: "kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", product_id: "kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "kernel-default-5.14.21-150400.24.41.1.aarch64", product: { name: "kernel-default-5.14.21-150400.24.41.1.aarch64", product_id: "kernel-default-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", product: { name: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", product_id: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", }, }, { category: "product_version", name: "kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", product: { name: "kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", product_id: "kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", }, }, { category: "product_version", name: "kernel-default-devel-5.14.21-150400.24.41.1.aarch64", product: { name: "kernel-default-devel-5.14.21-150400.24.41.1.aarch64", product_id: "kernel-default-devel-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "kernel-default-extra-5.14.21-150400.24.41.1.aarch64", product: { name: "kernel-default-extra-5.14.21-150400.24.41.1.aarch64", product_id: "kernel-default-extra-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", product: { name: "kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", product_id: "kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", product: { name: "kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", product_id: "kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "kernel-default-optional-5.14.21-150400.24.41.1.aarch64", product: { name: "kernel-default-optional-5.14.21-150400.24.41.1.aarch64", product_id: "kernel-default-optional-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", product: { name: "kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", product_id: "kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", product: { name: "kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", product_id: "kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", product: { name: "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", product_id: "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "kernel-obs-build-5.14.21-150400.24.41.1.aarch64", product: { name: "kernel-obs-build-5.14.21-150400.24.41.1.aarch64", product_id: "kernel-obs-build-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", product: { name: "kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", product_id: "kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "kernel-syms-5.14.21-150400.24.41.1.aarch64", product: { name: "kernel-syms-5.14.21-150400.24.41.1.aarch64", product_id: "kernel-syms-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", product: { name: "kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", product_id: "kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", product: { name: "kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", product_id: "kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", product: { name: "ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", product_id: "ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", product: { name: "ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", product_id: "ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", product: { name: "reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", product_id: "reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", }, }, { category: "product_version", name: "reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", product: { name: "reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", product_id: "reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "kernel-devel-5.14.21-150400.24.41.1.noarch", product: { name: "kernel-devel-5.14.21-150400.24.41.1.noarch", product_id: "kernel-devel-5.14.21-150400.24.41.1.noarch", }, }, { category: "product_version", name: "kernel-docs-5.14.21-150400.24.41.1.noarch", product: { name: "kernel-docs-5.14.21-150400.24.41.1.noarch", product_id: "kernel-docs-5.14.21-150400.24.41.1.noarch", }, }, { category: "product_version", name: "kernel-docs-html-5.14.21-150400.24.41.1.noarch", product: { name: "kernel-docs-html-5.14.21-150400.24.41.1.noarch", product_id: "kernel-docs-html-5.14.21-150400.24.41.1.noarch", }, }, { category: "product_version", name: "kernel-macros-5.14.21-150400.24.41.1.noarch", product: { name: "kernel-macros-5.14.21-150400.24.41.1.noarch", product_id: "kernel-macros-5.14.21-150400.24.41.1.noarch", }, }, { category: "product_version", name: "kernel-source-5.14.21-150400.24.41.1.noarch", product: { name: "kernel-source-5.14.21-150400.24.41.1.noarch", product_id: "kernel-source-5.14.21-150400.24.41.1.noarch", }, }, { category: "product_version", name: "kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", product: { name: "kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", product_id: "kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", product: { name: "cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", product_id: "cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", }, }, { category: "product_version", name: "dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", product: { name: "dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", product_id: "dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", }, }, { category: "product_version", name: "gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", product: { name: "gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", product_id: "gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-5.14.21-150400.24.41.1.ppc64le", product: { name: "kernel-debug-5.14.21-150400.24.41.1.ppc64le", product_id: "kernel-debug-5.14.21-150400.24.41.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", product: { name: "kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", product_id: "kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", product: { name: "kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", product_id: "kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-5.14.21-150400.24.41.1.ppc64le", product: { name: "kernel-default-5.14.21-150400.24.41.1.ppc64le", product_id: "kernel-default-5.14.21-150400.24.41.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", product: { name: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", product_id: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", product: { name: "kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", product_id: "kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", product: { name: "kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", product_id: "kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", product: { name: "kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", product_id: "kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", product: { name: "kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", product_id: "kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", product: { name: "kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", product_id: "kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", product: { name: "kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", product_id: "kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", }, }, { category: "product_version", name: "kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", product: { name: "kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", product_id: "kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", }, }, { category: "product_version", name: "kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", product: { name: "kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", product_id: "kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", }, }, { category: "product_version", name: "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", product: { name: "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", product_id: "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", }, }, { category: "product_version", name: "kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", product: { name: "kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", product_id: "kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", product: { name: "kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", product_id: "kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", product: { name: "kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", product_id: "kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", }, }, { category: "product_version", name: "kernel-syms-5.14.21-150400.24.41.1.ppc64le", product: { name: "kernel-syms-5.14.21-150400.24.41.1.ppc64le", product_id: "kernel-syms-5.14.21-150400.24.41.1.ppc64le", }, }, { category: "product_version", name: "kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", product: { name: "kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", product_id: "kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", }, }, { category: "product_version", name: "ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", product: { name: "ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", product_id: "ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", }, }, { category: "product_version", name: "reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", product: { name: "reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", product_id: "reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", product: { name: "cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", product_id: "cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", }, }, { category: "product_version", name: "dlm-kmp-default-5.14.21-150400.24.41.1.s390x", product: { name: "dlm-kmp-default-5.14.21-150400.24.41.1.s390x", product_id: "dlm-kmp-default-5.14.21-150400.24.41.1.s390x", }, }, { category: "product_version", name: "gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", product: { name: "gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", product_id: "gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", }, }, { category: "product_version", name: "kernel-default-5.14.21-150400.24.41.1.s390x", product: { name: "kernel-default-5.14.21-150400.24.41.1.s390x", product_id: "kernel-default-5.14.21-150400.24.41.1.s390x", }, }, { category: "product_version", name: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", product: { name: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", product_id: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", }, }, { category: "product_version", name: "kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", product: { name: "kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", product_id: "kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", }, }, { category: "product_version", name: "kernel-default-devel-5.14.21-150400.24.41.1.s390x", product: { name: "kernel-default-devel-5.14.21-150400.24.41.1.s390x", product_id: "kernel-default-devel-5.14.21-150400.24.41.1.s390x", }, }, { category: "product_version", name: "kernel-default-extra-5.14.21-150400.24.41.1.s390x", product: { name: "kernel-default-extra-5.14.21-150400.24.41.1.s390x", product_id: "kernel-default-extra-5.14.21-150400.24.41.1.s390x", }, }, { category: "product_version", name: "kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", product: { name: "kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", product_id: "kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", }, }, { category: "product_version", name: "kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", product: { name: "kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", product_id: "kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", }, }, { category: "product_version", name: "kernel-default-optional-5.14.21-150400.24.41.1.s390x", product: { name: "kernel-default-optional-5.14.21-150400.24.41.1.s390x", product_id: "kernel-default-optional-5.14.21-150400.24.41.1.s390x", }, }, { category: "product_version", name: "kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", product: { name: "kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", product_id: "kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", }, }, { category: "product_version", name: "kernel-obs-build-5.14.21-150400.24.41.1.s390x", product: { name: "kernel-obs-build-5.14.21-150400.24.41.1.s390x", product_id: "kernel-obs-build-5.14.21-150400.24.41.1.s390x", }, }, { category: "product_version", name: "kernel-obs-qa-5.14.21-150400.24.41.1.s390x", product: { name: "kernel-obs-qa-5.14.21-150400.24.41.1.s390x", product_id: "kernel-obs-qa-5.14.21-150400.24.41.1.s390x", }, }, { category: "product_version", name: "kernel-syms-5.14.21-150400.24.41.1.s390x", product: { name: "kernel-syms-5.14.21-150400.24.41.1.s390x", product_id: "kernel-syms-5.14.21-150400.24.41.1.s390x", }, }, { category: "product_version", name: "kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", product: { name: "kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", product_id: "kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", }, }, { category: "product_version", name: "kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", product: { name: "kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", product_id: "kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", }, }, { category: "product_version", name: "ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", product: { name: "ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", product_id: "ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", }, }, { category: "product_version", name: "reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", product: { name: "reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", product_id: "reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", product: { name: "cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", product_id: "cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", product: { name: "dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", product_id: "dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", product: { name: "gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", product_id: "gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-5.14.21-150400.24.41.1.x86_64", product: { name: "kernel-debug-5.14.21-150400.24.41.1.x86_64", product_id: "kernel-debug-5.14.21-150400.24.41.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", product: { name: "kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", product_id: "kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", product: { name: "kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", product_id: "kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", }, }, { category: "product_version", name: "kernel-default-5.14.21-150400.24.41.1.x86_64", product: { name: "kernel-default-5.14.21-150400.24.41.1.x86_64", product_id: "kernel-default-5.14.21-150400.24.41.1.x86_64", }, }, { category: "product_version", name: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", product: { name: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", product_id: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", }, }, { category: "product_version", name: "kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", product: { name: "kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", product_id: "kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", }, }, { category: "product_version", name: "kernel-default-devel-5.14.21-150400.24.41.1.x86_64", product: { name: "kernel-default-devel-5.14.21-150400.24.41.1.x86_64", product_id: "kernel-default-devel-5.14.21-150400.24.41.1.x86_64", }, }, { category: "product_version", name: "kernel-default-extra-5.14.21-150400.24.41.1.x86_64", product: { name: "kernel-default-extra-5.14.21-150400.24.41.1.x86_64", product_id: "kernel-default-extra-5.14.21-150400.24.41.1.x86_64", }, }, { category: "product_version", name: "kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", product: { name: "kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", product_id: "kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", }, }, { category: "product_version", name: "kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", product: { name: "kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", product_id: "kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", }, }, { category: "product_version", name: "kernel-default-optional-5.14.21-150400.24.41.1.x86_64", product: { name: "kernel-default-optional-5.14.21-150400.24.41.1.x86_64", product_id: "kernel-default-optional-5.14.21-150400.24.41.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", product: { name: "kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", product_id: "kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", product: { name: "kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", product_id: "kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", product: { name: "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", product_id: "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", }, }, { category: "product_version", name: "kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", product: { name: "kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", product_id: "kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-build-5.14.21-150400.24.41.1.x86_64", product: { name: "kernel-obs-build-5.14.21-150400.24.41.1.x86_64", product_id: "kernel-obs-build-5.14.21-150400.24.41.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", product: { name: "kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", product_id: "kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-5.14.21-150400.24.41.1.x86_64", product: { name: "kernel-syms-5.14.21-150400.24.41.1.x86_64", product_id: "kernel-syms-5.14.21-150400.24.41.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", product: { name: "kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", product_id: "kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", product: { name: "ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", product_id: "ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", }, }, { category: "product_version", name: "reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", product: { name: "reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", product_id: "reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Micro 5.3", product: { name: "SUSE Linux Enterprise Micro 5.3", product_id: "SUSE Linux Enterprise Micro 5.3", product_identification_helper: { cpe: "cpe:/o:suse:sle-micro:5.3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Basesystem 15 SP4", product: { name: "SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-basesystem:15:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Development Tools 15 SP4", product: { name: "SUSE Linux Enterprise Module for Development Tools 15 SP4", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-development-tools:15:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Legacy 15 SP4", product: { name: "SUSE Linux Enterprise Module for Legacy 15 SP4", product_id: "SUSE Linux Enterprise Module for Legacy 15 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-legacy:15:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Live Patching 15 SP4", product: { name: "SUSE Linux Enterprise Live Patching 15 SP4", product_id: "SUSE Linux Enterprise Live Patching 15 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-live-patching:15:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Availability Extension 15 SP4", product: { name: "SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sle-ha:15:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Workstation Extension 15 SP4", product: { name: "SUSE Linux Enterprise Workstation Extension 15 SP4", product_id: "SUSE Linux Enterprise Workstation Extension 15 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sle-we:15:sp4", }, }, }, { category: "product_name", name: "openSUSE Leap Micro 5.3", product: { name: "openSUSE Leap Micro 5.3", product_id: "openSUSE Leap Micro 5.3", product_identification_helper: { cpe: "cpe:/o:opensuse:leap-micro:5.3", }, }, }, { category: "product_name", name: "openSUSE Leap 15.4", product: { name: "openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.4", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-default-5.14.21-150400.24.41.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3", product_id: "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", }, product_reference: "kernel-default-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.14.21-150400.24.41.1.s390x as component of SUSE Linux Enterprise Micro 5.3", product_id: "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", }, product_reference: "kernel-default-5.14.21-150400.24.41.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.14.21-150400.24.41.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3", product_id: "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", }, product_reference: "kernel-default-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3", product_id: "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", }, product_reference: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x as component of SUSE Linux Enterprise Micro 5.3", product_id: "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", }, product_reference: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3", product_id: "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", }, product_reference: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "kernel-64kb-5.14.21-150400.24.41.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", }, product_reference: "kernel-64kb-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", }, product_reference: "kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.14.21-150400.24.41.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", }, product_reference: "kernel-default-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.14.21-150400.24.41.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", }, product_reference: "kernel-default-5.14.21-150400.24.41.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.14.21-150400.24.41.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", }, product_reference: "kernel-default-5.14.21-150400.24.41.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.14.21-150400.24.41.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", }, product_reference: "kernel-default-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", }, product_reference: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", }, product_reference: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", }, product_reference: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", }, product_reference: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.14.21-150400.24.41.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", }, product_reference: "kernel-default-devel-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.14.21-150400.24.41.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", }, product_reference: "kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.14.21-150400.24.41.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", }, product_reference: "kernel-default-devel-5.14.21-150400.24.41.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.14.21-150400.24.41.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", }, product_reference: "kernel-default-devel-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-5.14.21-150400.24.41.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", }, product_reference: "kernel-devel-5.14.21-150400.24.41.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-5.14.21-150400.24.41.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", }, product_reference: "kernel-macros-5.14.21-150400.24.41.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-zfcpdump-5.14.21-150400.24.41.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", }, product_reference: "kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-5.14.21-150400.24.41.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP4", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", }, product_reference: "kernel-docs-5.14.21-150400.24.41.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.14.21-150400.24.41.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", }, product_reference: "kernel-obs-build-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.14.21-150400.24.41.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP4", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", }, product_reference: "kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.14.21-150400.24.41.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP4", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", }, product_reference: "kernel-obs-build-5.14.21-150400.24.41.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.14.21-150400.24.41.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", }, product_reference: "kernel-obs-build-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-5.14.21-150400.24.41.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP4", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", }, product_reference: "kernel-source-5.14.21-150400.24.41.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.14.21-150400.24.41.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", }, product_reference: "kernel-syms-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.14.21-150400.24.41.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP4", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", }, product_reference: "kernel-syms-5.14.21-150400.24.41.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.14.21-150400.24.41.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP4", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", }, product_reference: "kernel-syms-5.14.21-150400.24.41.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.14.21-150400.24.41.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", }, product_reference: "kernel-syms-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP4", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15 SP4", product_id: "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", }, product_reference: "reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15 SP4", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP4", product_id: "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", }, product_reference: "reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15 SP4", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP4", product_id: "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", }, product_reference: "reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15 SP4", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP4", product_id: "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", }, product_reference: "reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP4", product_id: "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", }, product_reference: "kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-5.14.21-150400.24.41.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP4", product_id: "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", }, product_reference: "kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP4", product_id: "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", }, product_reference: "kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP4", product_id: "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", }, product_reference: "kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP4", product_id: "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", }, product_reference: "kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP4", product_id: "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", }, product_reference: "kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP4", product_id: "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", }, product_reference: "kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP4", product_id: "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", }, product_reference: "kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP4", product_id: "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", }, product_reference: "kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP4", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", }, product_reference: "cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", }, product_reference: "cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", }, product_reference: "cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", }, product_reference: "cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-5.14.21-150400.24.41.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", }, product_reference: "dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", }, product_reference: "dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-5.14.21-150400.24.41.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", }, product_reference: "dlm-kmp-default-5.14.21-150400.24.41.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-5.14.21-150400.24.41.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", }, product_reference: "dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", }, product_reference: "gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", }, product_reference: "gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-5.14.21-150400.24.41.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", }, product_reference: "gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", }, product_reference: "gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", }, product_reference: "ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", }, product_reference: "ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", }, product_reference: "ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", }, product_reference: "ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-extra-5.14.21-150400.24.41.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP4", product_id: "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", }, product_reference: "kernel-default-extra-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Workstation Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap Micro 5.3", product_id: "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", }, product_reference: "kernel-default-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.14.21-150400.24.41.1.x86_64 as component of openSUSE Leap Micro 5.3", product_id: "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", }, product_reference: "kernel-default-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "openSUSE Leap Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64 as component of openSUSE Leap Micro 5.3", product_id: "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", }, product_reference: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", relates_to_product_reference: "openSUSE Leap Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64 as component of openSUSE Leap Micro 5.3", product_id: "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", }, product_reference: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", relates_to_product_reference: "openSUSE Leap Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", }, product_reference: "cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", }, product_reference: "cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", }, product_reference: "cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", }, product_reference: "cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", }, product_reference: "cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", }, product_reference: "dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", }, product_reference: "dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", }, product_reference: "dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-5.14.21-150400.24.41.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", }, product_reference: "dlm-kmp-default-5.14.21-150400.24.41.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-5.14.21-150400.24.41.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", }, product_reference: "dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-allwinner-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", }, product_reference: "dtb-allwinner-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-altera-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", }, product_reference: "dtb-altera-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-amazon-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", }, product_reference: "dtb-amazon-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-amd-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", }, product_reference: "dtb-amd-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-amlogic-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", }, product_reference: "dtb-amlogic-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-apm-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", }, product_reference: "dtb-apm-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-apple-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", }, product_reference: "dtb-apple-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-arm-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", }, product_reference: "dtb-arm-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-broadcom-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", }, product_reference: "dtb-broadcom-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-cavium-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", }, product_reference: "dtb-cavium-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-exynos-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", }, product_reference: "dtb-exynos-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-freescale-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", }, product_reference: "dtb-freescale-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-hisilicon-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", }, product_reference: "dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-lg-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", }, product_reference: "dtb-lg-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-marvell-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", }, product_reference: "dtb-marvell-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-mediatek-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", }, product_reference: "dtb-mediatek-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-nvidia-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", }, product_reference: "dtb-nvidia-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-qcom-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", }, product_reference: "dtb-qcom-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-renesas-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", }, product_reference: "dtb-renesas-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-rockchip-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", }, product_reference: "dtb-rockchip-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-socionext-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", }, product_reference: "dtb-socionext-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-sprd-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", }, product_reference: "dtb-sprd-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-xilinx-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", }, product_reference: "dtb-xilinx-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", }, product_reference: "gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", }, product_reference: "gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", }, product_reference: "gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-5.14.21-150400.24.41.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", }, product_reference: "gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", }, product_reference: "gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-64kb-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", }, product_reference: "kernel-64kb-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", }, product_reference: "kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", }, product_reference: "kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", }, product_reference: "kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", }, product_reference: "kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-debug-5.14.21-150400.24.41.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", }, product_reference: "kernel-debug-5.14.21-150400.24.41.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-debug-5.14.21-150400.24.41.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", }, product_reference: "kernel-debug-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", }, product_reference: "kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-debug-devel-5.14.21-150400.24.41.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", }, product_reference: "kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", }, product_reference: "kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", }, product_reference: "kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", }, product_reference: "kernel-default-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.14.21-150400.24.41.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", }, product_reference: "kernel-default-5.14.21-150400.24.41.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.14.21-150400.24.41.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", }, product_reference: "kernel-default-5.14.21-150400.24.41.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.14.21-150400.24.41.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", }, product_reference: "kernel-default-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", }, product_reference: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", }, product_reference: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", }, product_reference: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", }, product_reference: "kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", }, product_reference: "kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", }, product_reference: "kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", }, product_reference: "kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", }, product_reference: "kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", }, product_reference: "kernel-default-devel-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.14.21-150400.24.41.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", }, product_reference: "kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.14.21-150400.24.41.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", }, product_reference: "kernel-default-devel-5.14.21-150400.24.41.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.14.21-150400.24.41.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", }, product_reference: "kernel-default-devel-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-extra-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", }, product_reference: "kernel-default-extra-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-extra-5.14.21-150400.24.41.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", }, product_reference: "kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-extra-5.14.21-150400.24.41.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", }, product_reference: "kernel-default-extra-5.14.21-150400.24.41.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-extra-5.14.21-150400.24.41.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", }, product_reference: "kernel-default-extra-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", }, product_reference: "kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", }, product_reference: "kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-5.14.21-150400.24.41.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", }, product_reference: "kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", }, product_reference: "kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", }, product_reference: "kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", }, product_reference: "kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", }, product_reference: "kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", }, product_reference: "kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-optional-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", }, product_reference: "kernel-default-optional-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-optional-5.14.21-150400.24.41.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", }, product_reference: "kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-optional-5.14.21-150400.24.41.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", }, product_reference: "kernel-default-optional-5.14.21-150400.24.41.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-optional-5.14.21-150400.24.41.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", }, product_reference: "kernel-default-optional-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-5.14.21-150400.24.41.1.noarch as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", }, product_reference: "kernel-devel-5.14.21-150400.24.41.1.noarch", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-5.14.21-150400.24.41.1.noarch as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", }, product_reference: "kernel-docs-5.14.21-150400.24.41.1.noarch", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-html-5.14.21-150400.24.41.1.noarch as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", }, product_reference: "kernel-docs-html-5.14.21-150400.24.41.1.noarch", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", }, product_reference: "kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", }, product_reference: "kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", }, product_reference: "kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", }, product_reference: "kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", }, product_reference: "kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", }, product_reference: "kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", }, product_reference: "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", }, product_reference: "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", }, product_reference: "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-5.14.21-150400.24.41.1.noarch as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", }, product_reference: "kernel-macros-5.14.21-150400.24.41.1.noarch", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", }, product_reference: "kernel-obs-build-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.14.21-150400.24.41.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", }, product_reference: "kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.14.21-150400.24.41.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", }, product_reference: "kernel-obs-build-5.14.21-150400.24.41.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.14.21-150400.24.41.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", }, product_reference: "kernel-obs-build-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-qa-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", }, product_reference: "kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", }, product_reference: "kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-qa-5.14.21-150400.24.41.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", }, product_reference: "kernel-obs-qa-5.14.21-150400.24.41.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-qa-5.14.21-150400.24.41.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", }, product_reference: "kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-5.14.21-150400.24.41.1.noarch as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", }, product_reference: "kernel-source-5.14.21-150400.24.41.1.noarch", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-vanilla-5.14.21-150400.24.41.1.noarch as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", }, product_reference: "kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", }, product_reference: "kernel-syms-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.14.21-150400.24.41.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", }, product_reference: "kernel-syms-5.14.21-150400.24.41.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.14.21-150400.24.41.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", }, product_reference: "kernel-syms-5.14.21-150400.24.41.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.14.21-150400.24.41.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", }, product_reference: "kernel-syms-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-zfcpdump-5.14.21-150400.24.41.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", }, product_reference: "kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", }, product_reference: "kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", }, product_reference: "kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", }, product_reference: "kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kselftests-kmp-default-5.14.21-150400.24.41.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", }, product_reference: "kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", }, product_reference: "kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", }, product_reference: "ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", }, product_reference: "ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", }, product_reference: "ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", }, product_reference: "ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", }, product_reference: "ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", }, product_reference: "reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", }, product_reference: "reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", }, product_reference: "reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", }, product_reference: "reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", }, product_reference: "reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, ], }, vulnerabilities: [ { cve: "CVE-2022-3104", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3104", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3104", url: "https://www.suse.com/security/cve/CVE-2022-3104", }, { category: "external", summary: "SUSE Bug 1206396 for CVE-2022-3104", url: "https://bugzilla.suse.com/1206396", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T09:18:49Z", details: "moderate", }, ], title: "CVE-2022-3104", }, { cve: "CVE-2022-3105", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3105", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 5.16-rc6. uapi_finalize in drivers/infiniband/core/uverbs_uapi.c lacks check of kmalloc_array().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3105", url: "https://www.suse.com/security/cve/CVE-2022-3105", }, { category: "external", summary: "SUSE Bug 1206398 for CVE-2022-3105", url: "https://bugzilla.suse.com/1206398", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T09:18:49Z", details: "moderate", }, ], title: "CVE-2022-3105", }, { cve: "CVE-2022-3106", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3106", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 5.16-rc6. ef100_update_stats in drivers/net/ethernet/sfc/ef100_nic.c lacks check of the return value of kmalloc().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3106", url: "https://www.suse.com/security/cve/CVE-2022-3106", }, { category: "external", summary: "SUSE Bug 1206397 for CVE-2022-3106", url: "https://bugzilla.suse.com/1206397", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T09:18:49Z", details: "moderate", }, ], title: "CVE-2022-3106", }, { cve: "CVE-2022-3107", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3107", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 5.16-rc6. netvsc_get_ethtool_stats in drivers/net/hyperv/netvsc_drv.c lacks check of the return value of kvmalloc_array() and will cause the null pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3107", url: "https://www.suse.com/security/cve/CVE-2022-3107", }, { category: "external", summary: "SUSE Bug 1206395 for CVE-2022-3107", url: "https://bugzilla.suse.com/1206395", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T09:18:49Z", details: "moderate", }, ], title: "CVE-2022-3107", }, { cve: "CVE-2022-3108", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3108", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdup().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3108", url: "https://www.suse.com/security/cve/CVE-2022-3108", }, { category: "external", summary: "SUSE Bug 1206389 for CVE-2022-3108", url: "https://bugzilla.suse.com/1206389", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T09:18:49Z", details: "moderate", }, ], title: "CVE-2022-3108", }, { cve: "CVE-2022-3111", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3111", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3111", url: "https://www.suse.com/security/cve/CVE-2022-3111", }, { category: "external", summary: "SUSE Bug 1206394 for CVE-2022-3111", url: "https://bugzilla.suse.com/1206394", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T09:18:49Z", details: "moderate", }, ], title: "CVE-2022-3111", }, { cve: "CVE-2022-3112", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3112", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 5.16-rc6. amvdec_set_canvases in drivers/staging/media/meson/vdec/vdec_helpers.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3112", url: "https://www.suse.com/security/cve/CVE-2022-3112", }, { category: "external", summary: "SUSE Bug 1206399 for CVE-2022-3112", url: "https://bugzilla.suse.com/1206399", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T09:18:49Z", details: "moderate", }, ], title: "CVE-2022-3112", }, { cve: "CVE-2022-3113", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3113", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 5.16-rc6. mtk_vcodec_fw_vpu_init in drivers/media/platform/mtk-vcodec/mtk_vcodec_fw_vpu.c lacks check of the return value of devm_kzalloc() and will cause the null pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3113", url: "https://www.suse.com/security/cve/CVE-2022-3113", }, { category: "external", summary: "SUSE Bug 1206390 for CVE-2022-3113", url: "https://bugzilla.suse.com/1206390", }, { category: "external", summary: "SUSE Bug 1227890 for CVE-2022-3113", url: "https://bugzilla.suse.com/1227890", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T09:18:49Z", details: "moderate", }, ], title: "CVE-2022-3113", }, { cve: "CVE-2022-3114", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3114", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 5.16-rc6. imx_register_uart_clocks in drivers/clk/imx/clk.c lacks check of the return value of kcalloc() and will cause the null pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3114", url: "https://www.suse.com/security/cve/CVE-2022-3114", }, { category: "external", summary: "SUSE Bug 1206391 for CVE-2022-3114", url: "https://bugzilla.suse.com/1206391", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T09:18:49Z", details: "moderate", }, ], title: "CVE-2022-3114", }, { cve: "CVE-2022-3115", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3115", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3115", url: "https://www.suse.com/security/cve/CVE-2022-3115", }, { category: "external", summary: "SUSE Bug 1206393 for CVE-2022-3115", url: "https://bugzilla.suse.com/1206393", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T09:18:49Z", details: "moderate", }, ], title: "CVE-2022-3115", }, { cve: "CVE-2022-3344", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3344", }, ], notes: [ { category: "general", text: "A flaw was found in the KVM's AMD nested virtualization (SVM). A malicious L1 guest could purposely fail to intercept the shutdown of a cooperative nested guest (L2), possibly leading to a page fault and kernel panic in the host (L0).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3344", url: "https://www.suse.com/security/cve/CVE-2022-3344", }, { category: "external", summary: "SUSE Bug 1204652 for CVE-2022-3344", url: "https://bugzilla.suse.com/1204652", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T09:18:49Z", details: "moderate", }, ], title: "CVE-2022-3344", }, { cve: "CVE-2022-3564", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3564", }, ], notes: [ { category: "general", text: "A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3564", url: "https://www.suse.com/security/cve/CVE-2022-3564", }, { category: "external", summary: "SUSE Bug 1206073 for CVE-2022-3564", url: "https://bugzilla.suse.com/1206073", }, { category: "external", summary: "SUSE Bug 1206314 for CVE-2022-3564", url: "https://bugzilla.suse.com/1206314", }, { category: "external", summary: "SUSE Bug 1208030 for CVE-2022-3564", url: "https://bugzilla.suse.com/1208030", }, { category: "external", summary: "SUSE Bug 1208044 for CVE-2022-3564", url: "https://bugzilla.suse.com/1208044", }, { category: "external", summary: "SUSE Bug 1208085 for CVE-2022-3564", url: "https://bugzilla.suse.com/1208085", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T09:18:49Z", details: "important", }, ], title: "CVE-2022-3564", }, { cve: "CVE-2022-4379", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-4379", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-4379", url: "https://www.suse.com/security/cve/CVE-2022-4379", }, { category: "external", summary: "SUSE Bug 1206209 for CVE-2022-4379", url: "https://bugzilla.suse.com/1206209", }, { category: "external", summary: "SUSE Bug 1206373 for CVE-2022-4379", url: "https://bugzilla.suse.com/1206373", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T09:18:49Z", details: "important", }, ], title: "CVE-2022-4379", }, { cve: "CVE-2022-4662", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-4662", }, ], notes: [ { category: "general", text: "A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-4662", url: "https://www.suse.com/security/cve/CVE-2022-4662", }, { category: "external", summary: "SUSE Bug 1206664 for CVE-2022-4662", url: "https://bugzilla.suse.com/1206664", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T09:18:49Z", details: "moderate", }, ], title: "CVE-2022-4662", }, { cve: "CVE-2022-47520", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-47520", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-47520", url: "https://www.suse.com/security/cve/CVE-2022-47520", }, { category: "external", summary: "SUSE Bug 1206515 for CVE-2022-47520", url: "https://bugzilla.suse.com/1206515", }, { category: "external", summary: "SUSE Bug 1207823 for CVE-2022-47520", url: "https://bugzilla.suse.com/1207823", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_41-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.41.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.s390x", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.41.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.41.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-01-26T09:18:49Z", details: "important", }, ], title: "CVE-2022-47520", }, ], }
fkie_cve-2022-3104
Vulnerability from fkie_nvd
Published
2022-12-14 21:15
Modified
2024-11-21 07:18
Severity ?
Summary
An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=2153062 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=4a9800c81d2f34afb66b4b42e0330ae8298019a2 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=2153062 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=4a9800c81d2f34afb66b4b42e0330ae8298019a2 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | 5.16.0 | |
| linux | linux_kernel | 5.16.0 | |
| linux | linux_kernel | 5.16.0 | |
| linux | linux_kernel | 5.16.0 | |
| linux | linux_kernel | 5.16.0 | |
| linux | linux_kernel | 5.16.0 | |
| linux | linux_kernel | 5.16.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "02711EF3-4708-401A-A551-BF2666F9CB9A", versionEndExcluding: "5.16.0", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:5.16.0:-:*:*:*:*:*:*", matchCriteriaId: "6D91531A-B5F0-42DC-BF86-12BDB991AAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:5.16.0:rc1:*:*:*:*:*:*", matchCriteriaId: "7FEA1289-2893-487A-B46C-75AA73FB409A", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:5.16.0:rc2:*:*:*:*:*:*", matchCriteriaId: "366AF5E2-1187-4871-95D7-17FB5AC61153", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:5.16.0:rc3:*:*:*:*:*:*", matchCriteriaId: "EDAA6EAB-A0D8-4522-93CD-E939BE5AC78B", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:5.16.0:rc4:*:*:*:*:*:*", matchCriteriaId: "420512FD-751B-491E-9F9E-79F6733A876D", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:5.16.0:rc5:*:*:*:*:*:*", matchCriteriaId: "21E83CF6-6096-4011-9C22-67225992771A", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:5.16.0:rc6:*:*:*:*:*:*", matchCriteriaId: "C109325B-0F6B-405E-8490-0A55A2294D79", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.", }, { lang: "es", value: "Se descubrió un problema en el kernel de Linux hasta 5.16-rc6. lkdtm_ARRAY_BOUNDS en drivers/misc/lkdtm/bugs.c carece de verificación del valor de retorno de kmalloc() y provocará la desreferencia del puntero nulo.", }, ], id: "CVE-2022-3104", lastModified: "2024-11-21T07:18:50.067", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-12-14T21:15:11.407", references: [ { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2153062", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=4a9800c81d2f34afb66b4b42e0330ae8298019a2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2153062", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=4a9800c81d2f34afb66b4b42e0330ae8298019a2", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "secalert@redhat.com", type: "Primary", }, ], }
ghsa-xpp2-rw22-gf34
Vulnerability from github
Published
2022-12-14 21:30
Modified
2022-12-17 00:30
Severity ?
Details
An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.
{ affected: [], aliases: [ "CVE-2022-3104", ], database_specific: { cwe_ids: [ "CWE-476", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2022-12-14T21:15:00Z", severity: "MODERATE", }, details: "An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.", id: "GHSA-xpp2-rw22-gf34", modified: "2022-12-17T00:30:21Z", published: "2022-12-14T21:30:17Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-3104", }, { type: "WEB", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2153062", }, { type: "WEB", url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=4a9800c81d2f34afb66b4b42e0330ae8298019a2", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", type: "CVSS_V3", }, ], }
gsd-2022-3104
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.
Aliases
Aliases
{ GSD: { alias: "CVE-2022-3104", id: "GSD-2022-3104", references: [ "https://www.suse.com/security/cve/CVE-2022-3104.html", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2022-3104", ], details: "An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.", id: "GSD-2022-3104", modified: "2023-12-13T01:19:40.299822Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2022-3104", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Kernel", version: { version_data: [ { version_value: "Linux 5.16-rc6", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-476", }, ], }, ], }, references: { reference_data: [ { name: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=4a9800c81d2f34afb66b4b42e0330ae8298019a2", refsource: "MISC", url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=4a9800c81d2f34afb66b4b42e0330ae8298019a2", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=2153062", refsource: "MISC", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2153062", }, ], }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:linux:linux_kernel:5.16.0:rc1:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:linux:linux_kernel:5.16.0:rc6:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:linux:linux_kernel:5.16.0:rc5:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:linux:linux_kernel:5.16.0:rc4:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:linux:linux_kernel:5.16.0:rc3:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:linux:linux_kernel:5.16.0:rc2:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "5.16.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:linux:linux_kernel:5.16.0:-:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2022-3104", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-476", }, ], }, ], }, references: { reference_data: [ { name: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=4a9800c81d2f34afb66b4b42e0330ae8298019a2", refsource: "MISC", tags: [ "Patch", "Vendor Advisory", ], url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=4a9800c81d2f34afb66b4b42e0330ae8298019a2", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=2153062", refsource: "MISC", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2153062", }, ], }, }, impact: { baseMetricV3: { cvssV3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, }, }, lastModifiedDate: "2022-12-16T21:32Z", publishedDate: "2022-12-14T21:15Z", }, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.