SUSE-SU-2023:1892-1

Source
https://www.suse.com/support/update/announcement/2023/suse-su-20231892-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:1892-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2023:1892-1
Related
Published
2023-07-06T01:58:50Z
Modified
2023-07-06T01:58:50Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security fixes and bugfixes.

The following security bugs were fixed:

  • CVE-2023-0461: Fixed use-after-free in icsk_ulp_data (bsc#1208787).
  • CVE-2023-28772: Fixed buffer overflow in seq_buf_putmem_hex in lib/seq_buf.c (bsc#1209549).
  • CVE-2023-1513: Fixed uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak (bsc#1209532).
  • CVE-2023-28464: Fixed use-after-free that could lead to privilege escalation in hci_conn_cleanup in net/bluetooth/hci_conn.c (bsc#1209052).
  • CVE-2023-0394: Fixed a null pointer dereference flaw in the network subcomponent in the Linux kernel which could lead to system crash (bsc#1207168).
  • CVE-2023-28466: Fixed race condition that could lead to use-after-free or NULL pointer dereference in do_tls_getsockopt in net/tls/tls_main.c (bsc#1209366).
  • CVE-2021-3923: Fixed stack information leak vulnerability that could lead to kernel protection bypass in InfiniBand RDMA (bsc#1209778).
  • CVE-2023-1390: Fixed remote DoS vulnerability in tipc_link_xmit() (bsc#1209289).
  • CVE-2022-4744: Fixed double-free that could lead to DoS or privilege escalation in TUN/TAP device driver functionality (bsc#1209635).
  • CVE-2023-1281: Fixed use-after-free that could lead to privilege escalation in tcindex (bsc#1209634).
  • CVE-2023-1582: Fixed soft lockup in __page_mapcount (bsc#1209636).
  • CVE-2023-28327: Fixed DoS in in_skb in unix_diag_get_exact() (bsc#1209290).
  • CVE-2017-5753: Fixed Spectre vulnerability in prlimit (bsc#1209256).
  • CVE-2023-1382: Fixed denial of service in tipc_conn_close (bsc#1209288).
  • CVE-2023-28328: Fixed a denial of service issue in az6027 driver in drivers/media/usb/dev-usb/az6027.c (bsc#1209291).
  • CVE-2023-1078: Fixed a heap out-of-bounds write in rds_rm_zerocopy_callback (bsc#1208601).
  • CVE-2023-1075: Fixed a type confusion in tls_is_tx_ready (bsc#1208598).
  • CVE-2017-5753: Fixed Spectre v1 vulnerability on netlink (bsc#1209547).

The following non-security bugs were fixed:

  • ipv6: raw: Deduct extension header length in rawv6_push_pending_frames (bsc#1207168).
  • net: ena: optimize data access in fast-path code (bsc#1208137).
  • PCI: hv: Add a per-bus mutex state_lock (bsc#1209785).
  • PCI: hv: fix a race condition bug in hv_pci_query_relations() (bsc#1209785).
  • PCI: hv: Fix a race condition in hv_irq_unmask() that can cause panic (bsc#1209785).
  • PCI: hv: Remove the useless hv_pcichild_state from struct hv_pci_dev (bsc#1209785).
References

Affected packages

SUSE:Real Time Module 15 SP3 / kernel-rt

Package

Name
kernel-rt
Purl
purl:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.3.18-150300.124.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "5.3.18-150300.124.1",
            "dlm-kmp-rt": "5.3.18-150300.124.1",
            "kernel-rt-devel": "5.3.18-150300.124.1",
            "cluster-md-kmp-rt": "5.3.18-150300.124.1",
            "kernel-rt_debug-devel": "5.3.18-150300.124.1",
            "kernel-source-rt": "5.3.18-150300.124.1",
            "kernel-rt": "5.3.18-150300.124.1",
            "ocfs2-kmp-rt": "5.3.18-150300.124.1",
            "gfs2-kmp-rt": "5.3.18-150300.124.1",
            "kernel-syms-rt": "5.3.18-150300.124.1"
        }
    ]
}

SUSE:Real Time Module 15 SP3 / kernel-rt_debug

Package

Name
kernel-rt_debug
Purl
purl:rpm/suse/kernel-rt_debug&distro=SUSE%20Real%20Time%20Module%2015%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.3.18-150300.124.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "5.3.18-150300.124.1",
            "dlm-kmp-rt": "5.3.18-150300.124.1",
            "kernel-rt-devel": "5.3.18-150300.124.1",
            "cluster-md-kmp-rt": "5.3.18-150300.124.1",
            "kernel-rt_debug-devel": "5.3.18-150300.124.1",
            "kernel-source-rt": "5.3.18-150300.124.1",
            "kernel-rt": "5.3.18-150300.124.1",
            "ocfs2-kmp-rt": "5.3.18-150300.124.1",
            "gfs2-kmp-rt": "5.3.18-150300.124.1",
            "kernel-syms-rt": "5.3.18-150300.124.1"
        }
    ]
}

SUSE:Real Time Module 15 SP3 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
purl:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.3.18-150300.124.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "5.3.18-150300.124.1",
            "dlm-kmp-rt": "5.3.18-150300.124.1",
            "kernel-rt-devel": "5.3.18-150300.124.1",
            "cluster-md-kmp-rt": "5.3.18-150300.124.1",
            "kernel-rt_debug-devel": "5.3.18-150300.124.1",
            "kernel-source-rt": "5.3.18-150300.124.1",
            "kernel-rt": "5.3.18-150300.124.1",
            "ocfs2-kmp-rt": "5.3.18-150300.124.1",
            "gfs2-kmp-rt": "5.3.18-150300.124.1",
            "kernel-syms-rt": "5.3.18-150300.124.1"
        }
    ]
}

SUSE:Real Time Module 15 SP3 / kernel-syms-rt

Package

Name
kernel-syms-rt
Purl
purl:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.3.18-150300.124.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "5.3.18-150300.124.1",
            "dlm-kmp-rt": "5.3.18-150300.124.1",
            "kernel-rt-devel": "5.3.18-150300.124.1",
            "cluster-md-kmp-rt": "5.3.18-150300.124.1",
            "kernel-rt_debug-devel": "5.3.18-150300.124.1",
            "kernel-source-rt": "5.3.18-150300.124.1",
            "kernel-rt": "5.3.18-150300.124.1",
            "ocfs2-kmp-rt": "5.3.18-150300.124.1",
            "gfs2-kmp-rt": "5.3.18-150300.124.1",
            "kernel-syms-rt": "5.3.18-150300.124.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.1 / kernel-rt

Package

Name
kernel-rt
Purl
purl:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.3.18-150300.124.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-rt": "5.3.18-150300.124.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.2 / kernel-rt

Package

Name
kernel-rt
Purl
purl:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.3.18-150300.124.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-rt": "5.3.18-150300.124.1"
        }
    ]
}