-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2023.3900
                   Security update for the Linux Kernel
                               12 July 2023

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Linux Kernel
Publisher:         SUSE
Operating System:  SUSE
Resolution:        Patch/Upgrade
CVE Names:         CVE-2023-35824 CVE-2023-32269 CVE-2023-31436
                   CVE-2023-30772 CVE-2023-28772 CVE-2023-28464
                   CVE-2023-28328 CVE-2023-23455 CVE-2023-23454
                   CVE-2023-3161 CVE-2023-3159 CVE-2023-3141
                   CVE-2023-3090 CVE-2023-2513 CVE-2023-2194
                   CVE-2023-2162 CVE-2023-2124 CVE-2023-1998
                   CVE-2023-1990 CVE-2023-1989 CVE-2023-1670
                   CVE-2023-1611 CVE-2023-1513 CVE-2023-1390
                   CVE-2023-1380 CVE-2023-1249 CVE-2023-1118
                   CVE-2023-1095 CVE-2023-1077 CVE-2023-0590
                   CVE-2022-45919 CVE-2022-45887 CVE-2022-45886
                   CVE-2022-45885 CVE-2022-45884 CVE-2022-3566
                   CVE-2018-20784 CVE-2017-5753 

Original Bulletin: 
   https://www.suse.com/support/update/announcement/2023/suse-su-20232805-1

Comment: CVSS (Max):  7.8 CVE-2023-3159 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: SUSE
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

Security update for the Linux Kernel

Announcement ID:  SUSE-SU-2023:2805-1
     Rating:      important
   References:      o #1126703
                    o #1204405
                    o #1205756
                    o #1205758
                    o #1205760
                    o #1205762
                    o #1205803
                    o #1206878
                    o #1207036
                    o #1207125
                    o #1207168
                    o #1207795
                    o #1208600
                    o #1208777
                    o #1208837
                    o #1209008
                    o #1209039
                    o #1209052
                    o #1209256
                    o #1209287
                    o #1209289
                    o #1209291
                    o #1209532
                    o #1209549
                    o #1209687
                    o #1209871
                    o #1210329
                    o #1210336
                    o #1210337
                    o #1210498
                    o #1210506
                    o #1210647
                    o #1210715
                    o #1210940
                    o #1211105
                    o #1211186
                    o #1211449
                    o #1212128
                    o #1212129
                    o #1212154
                    o #1212501
                    o #1212842

Cross-References:   o CVE-2017-5753
                    o CVE-2018-20784
                    o CVE-2022-3566
                    o CVE-2022-45884
                    o CVE-2022-45885
                    o CVE-2022-45886
                    o CVE-2022-45887
                    o CVE-2022-45919
                    o CVE-2023-0590
                    o CVE-2023-1077
                    o CVE-2023-1095
                    o CVE-2023-1118
                    o CVE-2023-1249
                    o CVE-2023-1380
                    o CVE-2023-1390
                    o CVE-2023-1513
                    o CVE-2023-1611
                    o CVE-2023-1670
                    o CVE-2023-1989
                    o CVE-2023-1990
                    o CVE-2023-1998
                    o CVE-2023-2124
                    o CVE-2023-2162
                    o CVE-2023-2194
                    o CVE-2023-23454
                    o CVE-2023-23455
                    o CVE-2023-2513
                    o CVE-2023-28328
                    o CVE-2023-28464
                    o CVE-2023-28772
                    o CVE-2023-30772
                    o CVE-2023-3090
                    o CVE-2023-3141
                    o CVE-2023-31436
                    o CVE-2023-3159
                    o CVE-2023-3161
                    o CVE-2023-32269
                    o CVE-2023-35824

  CVSS scores:      o CVE-2017-5753 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
                    o CVE-2017-5753 ( SUSE ): 7.1 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
                    o CVE-2017-5753 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
                    o CVE-2017-5753 ( NVD ): 5.6 CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
                    o CVE-2018-20784 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
                    o CVE-2018-20784 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2018-20784 ( NVD ): 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2022-3566 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
                    o CVE-2022-3566 ( NVD ): 7.1 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2022-45884 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
                    o CVE-2022-45884 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2022-45885 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
                    o CVE-2022-45885 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2022-45886 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
                    o CVE-2022-45886 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2022-45887 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
                    o CVE-2022-45887 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
                    o CVE-2022-45919 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2022-45919 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2023-0590 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2023-0590 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
                    o CVE-2023-1077 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2023-1077 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2023-1095 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
                    o CVE-2023-1095 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    o CVE-2023-1118 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2023-1118 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2023-1249 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
                    o CVE-2023-1249 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    o CVE-2023-1380 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
                    o CVE-2023-1380 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
                    o CVE-2023-1390 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    o CVE-2023-1390 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    o CVE-2023-1513 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
                    o CVE-2023-1513 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
                    o CVE-2023-1611 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
                    o CVE-2023-1611 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
                    o CVE-2023-1670 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
                    o CVE-2023-1670 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2023-1989 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2023-1989 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2023-1990 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2023-1990 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
                    o CVE-2023-1998 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
                    o CVE-2023-1998 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
                    o CVE-2023-2124 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2023-2124 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2023-2162 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2023-2162 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
                    o CVE-2023-2194 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
                    o CVE-2023-2194 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2023-23454 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2023-23454 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    o CVE-2023-23455 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2023-23455 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    o CVE-2023-2513 ( SUSE ): 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2023-2513 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2023-28328 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    o CVE-2023-28328 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    o CVE-2023-28464 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2023-28464 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2023-28772 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2023-28772 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2023-30772 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2023-30772 ( NVD ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2023-3090 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2023-3090 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2023-3141 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
                    o CVE-2023-3141 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
                    o CVE-2023-31436 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2023-31436 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2023-3159 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2023-3159 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2023-3161 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    o CVE-2023-3161 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    o CVE-2023-32269 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
                    o CVE-2023-32269 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
                    o CVE-2023-35824 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
                    o CVE-2023-35824 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

    Affected        o SUSE Linux Enterprise High Performance Computing 12 SP2
    Products:       o SUSE Linux Enterprise Server 12 SP2
                    o SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2

An update that solves 38 vulnerabilities and has four fixes can now be
installed.

Description:

The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security
and bug fixes.

The following security bugs were fixed:

  o CVE-2017-5753: Fixed a Spectre vulnerability in prlimit (bsc#1209256).
  o CVE-2022-3566: Fixed a race condition in the TCP handler (bsc#1204405).
  o CVE-2022-45884: Fixed a use-after-free in dvbdev.c, related to
    dvb_register_device dynamically allocating fops (bsc#1205756).
  o CVE-2022-45885: Fixed a race condition in dvb_frontend.c that could cause a
    use-after-free when a device is disconnected (bsc#1205758).
  o CVE-2022-45886: Fixed a .disconnect versus dvb_device_open race condition
    in dvb_net.c that led to a use-after-free (bsc#1205760).
  o CVE-2022-45887: Fixed a memory leak in ttusb_dec.c caused by the lack of a
    dvb_frontend_detach call (bsc#1205762).
  o CVE-2022-45919: Fixed a use-after-free in dvb_ca_en50221.c that could occur
    if there is a disconnect after an open, because of the lack of a wait_event
    (bsc#1205803).
  o CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).
  o CVE-2023-1077: Fixed a type confusion in pick_next_rt_entity() that could
    cause memory corruption (bsc#1208600).
  o CVE-2023-1095: Fixed a NULL pointer dereference in nf_tables due to zeroed
    list head (bsc#1208777).
  o CVE-2023-1118: Fixed use-after-free bugs caused by ene_tx_irqsim() in
    media/rc (bsc#1208837).
  o CVE-2023-1249: Fixed a use-after-free flaw in the core dump subsystem that
    allowed a local user to crash the system (bsc#1209039).
  o CVE-2023-1380: Fixed a slab-out-of-bound read problem in
    brcmf_get_assoc_ies() (bsc#1209287).
  o CVE-2023-1390: Fixed a remote DoS vulnerability in tipc_link_xmit()
    (bsc#1209289).
  o CVE-2023-1513: Fixed uninitialized portions of the kvm_debugregs structure
    that could be copied to userspace, causing an information leak
    (bsc#1209532).
  o CVE-2023-1611: Fixed a use-after-free flaw in btrfs_search_slot
    (bsc#1209687).
  o CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet
    driver. A local user could use this flaw to crash the system or potentially
    escalate their privileges on the system (bsc#1209871).
  o CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).
  o CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).
  o CVE-2023-1998: Fixed a use after free during login when accessing the shost
    ipaddress (bsc#1210506).
  o CVE-2023-2124: Fixed an out-of-bounds access in the XFS subsystem that could
    have led to denial-of-service or potentially privilege escalation
    (bsc#1210498).
  o CVE-2023-2162: Fixed a use-after-free flaw in iscsi_sw_tcp_session_create
    (bsc#1210647).
  o CVE-2023-2194: Fixed an out-of-bounds write vulnerability in the SLIMpro
    I2C device driver (bsc#1210715).
  o CVE-2023-23454: Fixed a type-confusion in the CBQ network scheduler (bsc#
    1207036).
  o CVE-2023-23455: Fixed a denial of service inside atm_tc_enqueue in net/
    sched/sch_atm.c because of type confusion (non-negative numbers can
    sometimes indicate a TC_ACT_SHOT condition rather than valid classification
    results) (bsc#1207125).
  o CVE-2023-2513: Fixed a use-after-free vulnerability in the ext4 filesystem
    (bsc#1211105).
  o CVE-2023-28328: Fixed a denial of service issue in the az6027 driver in
    drivers/media/usb/dvb-usb/az6027.c (bsc#1209291).
  o CVE-2023-28464: Fixed a use-after-free that could lead to privilege
    escalation in hci_conn_cleanup in net/bluetooth/hci_conn.c (bsc#1209052).
  o CVE-2023-28772: Fixed buffer overflow in seq_buf_putmem_hex in lib/
    seq_buf.c (bsc#1209549).
  o CVE-2023-30772: Fixed race condition and resultant use-after-free in
    da9150_charger_remove (bsc#1210329).
  o CVE-2023-3090: Fixed a heap out-of-bounds write in the ipvlan network
    driver (bsc#1212842).
  o CVE-2023-3141: Fixed a use-after-free flaw in r592_remove in
    drivers/memstick/host/r592.c that allowed local attackers to crash the
    system at device disconnect (bsc#1212129).
  o CVE-2023-31436: Fixed an out-of-bounds write in qfq_change_class() because
    lmax can exceed QFQ_MIN_LMAX (bsc#1210940).
  o CVE-2023-3159: Fixed a use-after-free issue in drivers/firewire in
    outbound_phy_packet_callback (bsc#1212128).
  o CVE-2023-3161: Fixed shift-out-of-bounds in fbcon_set_font() (bsc#1212154).
  o CVE-2023-32269: Fixed a use-after-free in af_netrom.c, related to the fact
    that accept() was also allowed for a successfully connected AF_NETROM
    socket (bsc#1211186).
  o CVE-2023-35824: Fixed a use-after-free in dm1105_remove in drivers/media/
    pci/dm1105/dm1105.c (bsc#1212501).

The following non-security bugs were fixed:

  o Do not sign the vanilla kernel (bsc#1209008).
  o Drop dvb-core fix patch due to regression (bsc#1205758).
  o Revert CVE-2018-20784 due to regression (bsc#1126703).
  o binfmt_elf: Take the mmap lock when walking the VMA list (bsc#1209039
    CVE-2023-1249).
  o bluetooth: Fix double free in hci_conn_cleanup (bsc#1209052
    CVE-2023-28464).
  o bluetooth: btsdio: fix use after free bug in btsdio_remove due to
    unfinished work (CVE-2023-1989 bsc#1210336).
  o btrfs: fix race between quota disable and quota assign ioctls
    (CVE-2023-1611 bsc#1209687).
  o do not fallthrough in cbq_classify and stop on TC_ACT_SHOT (bsc#1207036
    CVE-2023-23454 bsc#1207125 CVE-2023-23455).
  o ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h (bsc#1206878).
  o ext4: fix use-after-free in ext4_xattr_set_entry (bsc#1206878 bsc#1211105
    CVE-2023-2513).
  o fbcon: Check font dimension limits (CVE-2023-3161 bsc#1212154).
  o firewire: fix potential uaf in outbound_phy_packet_callback()
    (CVE-2023-3159 bsc#1212128).
  o fix a mistake in the CVE-2023-0590 / bsc#1207795 backport.
  o i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()
    (bsc#1210715 CVE-2023-2194).
  o ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
    (bsc#1207168).
  o ipvlan: Fix out-of-bounds caused by unclear skb->cb (bsc#1212842
    CVE-2023-3090).
  o kernel/sys.c: fix potential Spectre v1 issue (bsc#1209256 CVE-2017-5753).
  o kvm: initialize all of the kvm_debugregs structure before sending it to
    userspace (bsc#1209532 CVE-2023-1513).
  o media: dm1105: Fix use after free bug in dm1105_remove due to race
    condition (bsc#1212501 CVE-2023-35824).
  o media: dvb-core: Fix use-after-free due to race condition at dvb_net
    (CVE-2022-45886 bsc#1205760).
  o media: dvb-core: Fix use-after-free due to race at dvb_register_device()
    (CVE-2022-45884 bsc#1205756).
  o media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221
    (CVE-2022-45919 bsc#1205803).
  o media: dvb-core: Fix use-after-free on race condition at dvb_frontend
    (CVE-2022-45885 bsc#1205758).
  o media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()
    (bsc#1209291 CVE-2023-28328).
  o media: dvb_frontend: kABI workaround (CVE-2022-45885 bsc#1205758).
  o media: dvb_net: kABI workaround (CVE-2022-45886 bsc#1205760).
  o media: dvbdev: fix error logic at dvb_register_device() (CVE-2022-45884
    bsc#1205756).
  o media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() (CVE-2023-1118
    bsc#1208837).
  o media: ttusb-dec: fix memory leak in ttusb_dec_exit_dvb() (CVE-2022-45887
    bsc#1205762).
  o memstick: r592: Fix UAF bug in r592_remove due to race condition
    (CVE-2023-3141 bsc#1212129 bsc#1211449).
  o net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
    (bsc#1210940 CVE-2023-31436).
  o netfilter: nf_tables: fix null deref due to zeroed list head (CVE-2023-1095
    bsc#1208777).
  o netrom: Fix use-after-free caused by accept on already connected socket
    (bsc#1211186 CVE-2023-32269).
  o nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition
    (git-fixes bsc#1210337 CVE-2023-1990).
  o power: supply: da9150: Fix use after free bug in da9150_charger_remove due
    to race condition (CVE-2023-30772 bsc#1210329).
  o prlimit: do_prlimit needs to have a speculation check (bsc#1209256
    CVE-2017-5753).
  o sched/rt: pick_next_rt_entity(): check list_entry (bsc#1208600
    CVE-2023-1077).
  o scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
    (bsc#1210647 CVE-2023-2162).
  o seq_buf: Fix overflow in seq_buf_putmem_hex() (bsc#1209549 CVE-2023-28772).
  o tcp: Fix data races around icsk->icsk_af_ops (bsc#1204405 CVE-2022-3566).
  o tipc: fix NULL deref in tipc_link_xmit() (bsc#1209289 CVE-2023-1390).
  o wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
    (bsc#1209287 CVE-2023-1380).
  o x86/speculation: Allow enabling STIBP with legacy IBRS (bsc#1210506
    CVE-2023-1998).
  o xfs: verify buffer contents when we skip log replay (bsc#1210498
    CVE-2023-2124).
  o xirc2ps_cs: Fix use after free bug in xirc2ps_detach (bsc#1209871
    CVE-2023-1670).

Special Instructions and Notes:

  o Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE Important update, use the SUSE-recommended installation
methods such as YaST online_update or "zypper patch".
Alternatively, run the command listed for your product:

  o SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2
    zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2023-2805=1

Package List:

  o SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2 (nosrc x86_64)
       kernel-default-4.4.121-92.205.1
  o SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2 (x86_64)
       kernel-syms-4.4.121-92.205.1
       kernel-default-base-debuginfo-4.4.121-92.205.1
       kernel-default-debuginfo-4.4.121-92.205.1
       kernel-default-devel-4.4.121-92.205.1
       kernel-default-base-4.4.121-92.205.1
       kernel-default-debugsource-4.4.121-92.205.1
  o SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2 (noarch)
       kernel-devel-4.4.121-92.205.1
       kernel-macros-4.4.121-92.205.1
       kernel-source-4.4.121-92.205.1
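
The bulletin gives the fixed package version and says a reboot is required; the following is an added example (not part of the SUSE or AusCERT bulletin) that checks both conditions from `rpm -q kernel-default` and `uname -r` output. It assumes SLE 12's kernel naming, where `uname -r` reports the version and release with the flavour appended and without the final rebuild counter (e.g. 4.4.121-92.205-default for package 4.4.121-92.205.1); the sample inputs are constructed.

```shell
#!/bin/sh
# Added example (not part of the SUSE/AusCERT bulletin): decide whether a
# SLES 12 SP2 host has the fixed kernel-default from this update installed
# and whether that kernel is the one actually running, since the bulletin
# requires a reboot. Inputs are passed as strings so it runs offline on the
# constructed samples below; on a real host feed it the output of
# `rpm -q kernel-default` and `uname -r`.

FIXED_VR="4.4.121-92.205.1"   # version-release from the Package List above

# vr_ge A B: succeed if version-release A >= B. Each '.'/'-' separated
# field is compared numerically, so 92.205.1 > 92.98.1 even though it
# sorts lower as a string. Assumes all fields are numeric (true for these
# kernel packages).
vr_ge() {
    a=$(printf '%s' "$1" | tr '-' '.')
    b=$(printf '%s' "$2" | tr '-' '.')
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        case "$a" in *.*) a=${a#*.} ;; *) a='' ;; esac
        case "$b" in *.*) b=${b#*.} ;; *) b='' ;; esac
        if [ "${x:-0}" -gt "${y:-0}" ]; then return 0; fi
        if [ "${x:-0}" -lt "${y:-0}" ]; then return 1; fi
    done
    return 0
}

# pkg_vr LINE: version-release of an `rpm -q kernel-default` line such as
# kernel-default-4.4.121-92.205.1.x86_64 -> 4.4.121-92.205.1
pkg_vr() {
    s=${1#kernel-default-}
    printf '%s' "${s%.*}"        # drop the trailing .x86_64 / .noarch
}

# running_vr UNAME: `uname -r` on SLE 12 looks like 4.4.121-92.205-default,
# i.e. the flavour is appended and the final rebuild counter (.1) is absent.
# That naming is an assumption made here, not something the bulletin states.
running_vr() {
    printf '%s' "${1%-*}"
}

# check_host RPM_LINE UNAME_LINE: prints one of
#   vulnerable | patched-reboot-needed | patched-running
check_host() {
    inst=$(pkg_vr "$1")
    if ! vr_ge "$inst" "$FIXED_VR"; then
        echo vulnerable
        return 0
    fi
    run=$(running_vr "$2")
    case "$inst" in
        "$run".*|"$run") echo patched-running ;;
        *)               echo patched-reboot-needed ;;
    esac
}

# Constructed sample inputs (not captured from a real host):
SAMPLE_OLD_RPM="kernel-default-4.4.121-92.98.1.x86_64"
SAMPLE_NEW_RPM="kernel-default-4.4.121-92.205.1.x86_64"
SAMPLE_OLD_UNAME="4.4.121-92.98-default"
SAMPLE_NEW_UNAME="4.4.121-92.205-default"

check_host "$SAMPLE_OLD_RPM" "$SAMPLE_OLD_UNAME"   # vulnerable
check_host "$SAMPLE_NEW_RPM" "$SAMPLE_OLD_UNAME"   # patched-reboot-needed
check_host "$SAMPLE_NEW_RPM" "$SAMPLE_NEW_UNAME"   # patched-running
```

On a real host `rpm -q kernel-default` prints one line per installed kernel, so pass the newest line to `check_host`; a result of patched-reboot-needed means the package is installed but the vulnerable kernel is still the one running.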

References:

  o https://www.suse.com/security/cve/CVE-2017-5753.html
  o https://www.suse.com/security/cve/CVE-2018-20784.html
  o https://www.suse.com/security/cve/CVE-2022-3566.html
  o https://www.suse.com/security/cve/CVE-2022-45884.html
  o https://www.suse.com/security/cve/CVE-2022-45885.html
  o https://www.suse.com/security/cve/CVE-2022-45886.html
  o https://www.suse.com/security/cve/CVE-2022-45887.html
  o https://www.suse.com/security/cve/CVE-2022-45919.html
  o https://www.suse.com/security/cve/CVE-2023-0590.html
  o https://www.suse.com/security/cve/CVE-2023-1077.html
  o https://www.suse.com/security/cve/CVE-2023-1095.html
  o https://www.suse.com/security/cve/CVE-2023-1118.html
  o https://www.suse.com/security/cve/CVE-2023-1249.html
  o https://www.suse.com/security/cve/CVE-2023-1380.html
  o https://www.suse.com/security/cve/CVE-2023-1390.html
  o https://www.suse.com/security/cve/CVE-2023-1513.html
  o https://www.suse.com/security/cve/CVE-2023-1611.html
  o https://www.suse.com/security/cve/CVE-2023-1670.html
  o https://www.suse.com/security/cve/CVE-2023-1989.html
  o https://www.suse.com/security/cve/CVE-2023-1990.html
  o https://www.suse.com/security/cve/CVE-2023-1998.html
  o https://www.suse.com/security/cve/CVE-2023-2124.html
  o https://www.suse.com/security/cve/CVE-2023-2162.html
  o https://www.suse.com/security/cve/CVE-2023-2194.html
  o https://www.suse.com/security/cve/CVE-2023-23454.html
  o https://www.suse.com/security/cve/CVE-2023-23455.html
  o https://www.suse.com/security/cve/CVE-2023-2513.html
  o https://www.suse.com/security/cve/CVE-2023-28328.html
  o https://www.suse.com/security/cve/CVE-2023-28464.html
  o https://www.suse.com/security/cve/CVE-2023-28772.html
  o https://www.suse.com/security/cve/CVE-2023-30772.html
  o https://www.suse.com/security/cve/CVE-2023-3090.html
  o https://www.suse.com/security/cve/CVE-2023-3141.html
  o https://www.suse.com/security/cve/CVE-2023-31436.html
  o https://www.suse.com/security/cve/CVE-2023-3159.html
  o https://www.suse.com/security/cve/CVE-2023-3161.html
  o https://www.suse.com/security/cve/CVE-2023-32269.html
  o https://www.suse.com/security/cve/CVE-2023-35824.html
  o https://bugzilla.suse.com/show_bug.cgi?id=1126703
  o https://bugzilla.suse.com/show_bug.cgi?id=1204405
  o https://bugzilla.suse.com/show_bug.cgi?id=1205756
  o https://bugzilla.suse.com/show_bug.cgi?id=1205758
  o https://bugzilla.suse.com/show_bug.cgi?id=1205760
  o https://bugzilla.suse.com/show_bug.cgi?id=1205762
  o https://bugzilla.suse.com/show_bug.cgi?id=1205803
  o https://bugzilla.suse.com/show_bug.cgi?id=1206878
  o https://bugzilla.suse.com/show_bug.cgi?id=1207036
  o https://bugzilla.suse.com/show_bug.cgi?id=1207125
  o https://bugzilla.suse.com/show_bug.cgi?id=1207168
  o https://bugzilla.suse.com/show_bug.cgi?id=1207795
  o https://bugzilla.suse.com/show_bug.cgi?id=1208600
  o https://bugzilla.suse.com/show_bug.cgi?id=1208777
  o https://bugzilla.suse.com/show_bug.cgi?id=1208837
  o https://bugzilla.suse.com/show_bug.cgi?id=1209008
  o https://bugzilla.suse.com/show_bug.cgi?id=1209039
  o https://bugzilla.suse.com/show_bug.cgi?id=1209052
  o https://bugzilla.suse.com/show_bug.cgi?id=1209256
  o https://bugzilla.suse.com/show_bug.cgi?id=1209287
  o https://bugzilla.suse.com/show_bug.cgi?id=1209289
  o https://bugzilla.suse.com/show_bug.cgi?id=1209291
  o https://bugzilla.suse.com/show_bug.cgi?id=1209532
  o https://bugzilla.suse.com/show_bug.cgi?id=1209549
  o https://bugzilla.suse.com/show_bug.cgi?id=1209687
  o https://bugzilla.suse.com/show_bug.cgi?id=1209871
  o https://bugzilla.suse.com/show_bug.cgi?id=1210329
  o https://bugzilla.suse.com/show_bug.cgi?id=1210336
  o https://bugzilla.suse.com/show_bug.cgi?id=1210337
  o https://bugzilla.suse.com/show_bug.cgi?id=1210498
  o https://bugzilla.suse.com/show_bug.cgi?id=1210506
  o https://bugzilla.suse.com/show_bug.cgi?id=1210647
  o https://bugzilla.suse.com/show_bug.cgi?id=1210715
  o https://bugzilla.suse.com/show_bug.cgi?id=1210940
  o https://bugzilla.suse.com/show_bug.cgi?id=1211105
  o https://bugzilla.suse.com/show_bug.cgi?id=1211186
  o https://bugzilla.suse.com/show_bug.cgi?id=1211449
  o https://bugzilla.suse.com/show_bug.cgi?id=1212128
  o https://bugzilla.suse.com/show_bug.cgi?id=1212129
  o https://bugzilla.suse.com/show_bug.cgi?id=1212154
  o https://bugzilla.suse.com/show_bug.cgi?id=1212501
  o https://bugzilla.suse.com/show_bug.cgi?id=1212842

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/
-----END PGP SIGNATURE-----