SUSE-SU-2023:2156-1

Source
https://www.suse.com/support/update/announcement/2023/suse-su-20232156-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:2156-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2023:2156-1
Related
Published
2023-05-10T11:17:54Z
Modified
2023-05-10T11:17:54Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2023-2124: Fixed an out of bound access in the XFS subsystem that could have lead to denial-of-service or potentially privilege escalation (bsc#1210498).
  • CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).
  • CVE-2023-2162: Fixed an use-after-free flaw in iscsiswtcpsessioncreate (bsc#1210647).
  • CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).
  • CVE-2023-30772: Fixed a race condition and resultant use-after-free in da9150chargerremove (bsc#1210329).
  • CVE-2023-1855: Fixed a use after free in xgenehwmonremove (bsc#1210202).
  • CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).
  • CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).

The following non-security bugs were fixed:

  • ath10k: Fix error handling in case of CE pipe init failure (git-fixes).
  • ath10k: Fix missing frame timestamp for beacon/probe-resp (git-fixes).
  • ath10k: Fix the parsing error in service available event (git-fixes).
  • ath10k: add missing error return code in ath10kpciprobe() (git-fixes).
  • ath10k: fix control-message timeout (git-fixes).
  • ath10k: fix division by zero in send path (git-fixes).
  • ath10k: fix memory overwrite of the WoWLAN wakeup packet pattern (git-fixes).
  • audit: improve audit queue handling when 'audit=1' on cmdline (bsc#1209969).
  • bpf, x86: Fix encoding for lower 8-bit registers in BPFSTX BPFB (git-fixes).
  • cachefiles: Drop superfluous readpages aops NULL check (bsc#1210430).
  • cachefiles: Fix page leak in cachefilesreadbacking_file while vmscan is active (bsc#1210430).
  • cachefiles: Fix race between readwaiter and readcopier involving op->to_do (bsc#1210430).
  • cachefiles: Handle readpage error correctly (bsc#1210430).
  • cgroup/cpuset: Wake up cpusetattachwq tasks in cpusetcancelattach() (bsc#1210827).
  • cifs: fix negotiate context parsing (bsc#1210301).
  • cifs: fix open leaks in opencacheddir() (bsc#1209342).
  • cred: allow getcred() and putcred() to be given NULL (bsc#1209887).
  • crypto: x86/ghash - fix unaligned access in ghash_setkey() (git-fixes).
  • drivers: net: lmc: fix case value for target abort error (git-fixes).
  • fscache, cachefiles: remove redundant variable 'cache' (bsc#1210430).
  • ftrace: Mark getlockparentip() _always_inline (git-fixes).
  • intelpmcipc: restore ability to call functions with irq enabled (git-fixes).
  • ipmi: fix SSIF not responding under certain cond (git-fixes).
  • iwlwifi: Fix -EIO error code that is never returned (git-fixes).
  • iwlwifi: fw: make pos static in iwlsargetewrdtable() loop (git-fixes).
  • iwlwifi: pcie: fix locking when 'HW not ready' (git-fixes).
  • iwlwifi: pcie: gen2: fix locking when 'HW not ready' (git-fixes).
  • iwlwifi: pcie: reschedule in long-running memory reads (git-fixes).
  • kabi/severities: ignore KABI for NVMe, except nvme-fc (bsc#1174777).
  • kcm: Only allow TCP sockets to be attached to a KCM mux (git-fixes).
  • keys: Change keyringserialiselink_sem to a mutex (bsc#1207088).
  • keys: Fix linking a duplicate key to a keyring's assoc_array (bsc#1207088).
  • keys: Hoist locking out of _keylink_begin() (bsc#1207088).
  • kretprobe: Prevent triggering kretprobe from within kprobeflushtask (git-fixes).
  • l2tp: clean up stale tunnel or session in pppol2tp_connect's error path (git-fixes).
  • l2tp: fix pseudo-wire type for sessions created by pppol2tp_connect() (git-fixes).
  • l2tp: reject creation of non-PPP sessions on L2TPv2 tunnels (git-fixes).
  • net/ncsi: Do not return error on normal response (git-fixes).
  • net: axienet: Fix double deregister of mdio (git-fixes).
  • net: core: dst: Add kernel-doc for 'net' parameter (git-fixes).
  • net: core: dstcacheset_ip6: Rename 'addr' parameter to 'saddr' for consistency (git-fixes).
  • net: phy: realtek: Use the dummy stubs for MMD register access for rtl8211b (git-fixes).
  • net: prevent ISA drivers from building on PPC32 (git-fixes).
  • net: usb: qmi_wwan: add Telit 0x1080 composition (git-fixes).
  • netfilter: nftsetrbtree: fix parameter of _nftrbtree_lookup() (git-fixes).
  • netfilter: x_tables: Add note about how to free percpu counters (git-fixes).
  • nvme-pci: do not WARNON in nvmereset_work if ctrl.state is not RESETTING (git-fixes).
  • nvme-pci: fix doorbell buffer value endianness (git-fixes).
  • nvme: retain split access workaround for capability reads (git-fixes).
  • platform/x86: intelpmcipc: Use devm_* calls in driver probe function (git-fixes).
  • platform/x86: intelpmcipc: Use spin_lock to protect GCR updates (git-fixes).
  • powercap: fix possible name leak in powercapregisterzone() (git-fixes).
  • powerpc/numa: Consider the max NUMA node for migratable LPAR (bsc#1209999 ltc#202140 bsc#1190544 ltc#194520 bsc#1142685 ltc#179509 git-fixes).
  • powerpc/numa: Detect support for coregroup (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
  • powerpc/numa: Limit possible nodes to within numpossiblenodes (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
  • powerpc/numa: Restrict possible nodes based on platform (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
  • powerpc/papr_scm: Update the NUMA distance table for the target node (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
  • powerpc/pseries: Consolidate different NUMA distance update code paths (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
  • powerpc/pseries: Rename TYPE1AFFINITY to FORM1AFFINITY (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
  • powerpc/pseries: rename mincommondepth to primarydomainindex (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
  • printk: Give error on attempt to set log buffer length to over 2G (bsc#1210534).
  • ring-buffer: Fix race while reader and writer are on the same page (git-fixes).
  • s390/percpu: add READONCE() to archthiscputoopsimple() (git-fixes).
  • scsi: qla2xxx: Fix memory leak in qla2x00probeone() (git-fixes).
  • scsi: qla2xxx: Perform lockless command completion in abort path (git-fixes).
  • sctp: do not free asoc when it is already dead in sctp_sendmsg (git-fixes).
  • sctp: return error if the asoc has been peeled off in sctpwaitfor_sndbuf (git-fixes).
  • sctp: use the right sk after waking up from wait_buf sleep (git-fixes).
  • struct ci_hdrc: hide new member at end (git-fixes).
  • struct wmisvcavailevarg: new member to end (git-fixes).
  • tuntap: fix dividing by zero in ebpf queue selection (git-fixes).
  • usb/ohci-platform: Fix a warning when hibernating (git-fixes).
  • usb: chipidea: core: fix possible concurrent when switch role (git-fixes).
  • usb: dwc3: core: fix kernel panic when do reboot (git-fixes).
  • usb: dwc3: gadget: Do not set IMI for no_interrupt (git-fixes).
  • usb: host: ohci-pxa27x: Fix and & vs | typo (git-fixes).
  • usb: storage: Add check for kcalloc (git-fixes).
  • usb: typec: Check for ops->exit instead of ops->enter in altmode_exit (git-fixes).
  • watchdog: pcwd_usb: Fix attempting to access uninitialized memory (git-fixes).
  • wifi: ath5k: fix an off by one check in ath5keepromreadfreqlist() (git-fixes).
  • workqueue: Fix missing kfree(rescuer) in destroy_workqueue() (bsc#1210460).
  • workqueue: Fix spurious sanity check failures in destroy_workqueue() (bsc#1210460).
  • wq: handle VM suspension in stall detection (bsc#1210466).
  • x86/boot/compressed: Disable relocation relaxation (git-fixes).
  • x86/boot: Avoid using Intel mnemonics in AT&T syntax asm (git-fixes).
  • x86/bugs: Add Cannon lake to RETBleed affected CPU list (git-fixes).
  • x86/bugs: Enable STIBP for IBPB mitigated RETBleed (git-fixes).
  • x86/fpu: Prevent FPU state corruption (git-fixes).
  • x86/irq: Ensure PI wakeup handler is unregistered before module unload (git-fixes).
  • x86/kprobes: Fix to check non boostable prefixes correctly (git-fixes).
  • x86/kprobes: Restore BTF if the single-stepping is cancelled (git-fixes).
  • x86/mce/inject: Avoid out-of-bounds write when setting flags (git-fixes).
  • x86/mm: Stop printing BRK addresses (git-fixes).
  • x86/pkeys: Add check for pkey 'overflow' (git-fixes).
  • x86/speculation/mds: Mark mdsuserclearcpubuffers() _alwaysinline (git-fixes).
  • x86/tools/relocs: Fix non-POSIX regexp (git-fixes).
  • x86/tools: Fix objdump version check again (git-fixes).
  • x86/virt: Eat faults on VMXOFF in reboot flows (git-fixes).
  • x86/virt: Mark flags and memory as clobbered by VMXOFF (git-fixes).
  • x86: Do not let pgprot_modify() change the page encryption bit (git-fixes).
  • x86_64: Fix jiffies ODR violation (git-fixes).
  • xfrm: policy: use hlist rcu variants on insert (git-fixes).
  • xhci: also avoid the XHCIZERO64B_REGS quirk with a passthrough iommu (git-fixes).
  • xhci: hide include of iommu.h (git-fixes).
References

Affected packages

SUSE:Linux Enterprise Real Time 12 SP5 / kernel-rt

Package

Name
kernel-rt
Purl
purl:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-10.124.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "4.12.14-10.124.1",
            "dlm-kmp-rt": "4.12.14-10.124.1",
            "gfs2-kmp-rt": "4.12.14-10.124.1",
            "kernel-rt_debug": "4.12.14-10.124.1",
            "kernel-rt-devel": "4.12.14-10.124.1",
            "cluster-md-kmp-rt": "4.12.14-10.124.1",
            "kernel-rt_debug-devel": "4.12.14-10.124.1",
            "kernel-source-rt": "4.12.14-10.124.1",
            "kernel-rt": "4.12.14-10.124.1",
            "ocfs2-kmp-rt": "4.12.14-10.124.1",
            "kernel-syms-rt": "4.12.14-10.124.1",
            "kernel-rt-base": "4.12.14-10.124.1"
        }
    ]
}

SUSE:Linux Enterprise Real Time 12 SP5 / kernel-rt_debug

Package

Name
kernel-rt_debug
Purl
purl:rpm/suse/kernel-rt_debug&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-10.124.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "4.12.14-10.124.1",
            "dlm-kmp-rt": "4.12.14-10.124.1",
            "gfs2-kmp-rt": "4.12.14-10.124.1",
            "kernel-rt_debug": "4.12.14-10.124.1",
            "kernel-rt-devel": "4.12.14-10.124.1",
            "cluster-md-kmp-rt": "4.12.14-10.124.1",
            "kernel-rt_debug-devel": "4.12.14-10.124.1",
            "kernel-source-rt": "4.12.14-10.124.1",
            "kernel-rt": "4.12.14-10.124.1",
            "ocfs2-kmp-rt": "4.12.14-10.124.1",
            "kernel-syms-rt": "4.12.14-10.124.1",
            "kernel-rt-base": "4.12.14-10.124.1"
        }
    ]
}

SUSE:Linux Enterprise Real Time 12 SP5 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
purl:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-10.124.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "4.12.14-10.124.1",
            "dlm-kmp-rt": "4.12.14-10.124.1",
            "gfs2-kmp-rt": "4.12.14-10.124.1",
            "kernel-rt_debug": "4.12.14-10.124.1",
            "kernel-rt-devel": "4.12.14-10.124.1",
            "cluster-md-kmp-rt": "4.12.14-10.124.1",
            "kernel-rt_debug-devel": "4.12.14-10.124.1",
            "kernel-source-rt": "4.12.14-10.124.1",
            "kernel-rt": "4.12.14-10.124.1",
            "ocfs2-kmp-rt": "4.12.14-10.124.1",
            "kernel-syms-rt": "4.12.14-10.124.1",
            "kernel-rt-base": "4.12.14-10.124.1"
        }
    ]
}

SUSE:Linux Enterprise Real Time 12 SP5 / kernel-syms-rt

Package

Name
kernel-syms-rt
Purl
purl:rpm/suse/kernel-syms-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-10.124.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "4.12.14-10.124.1",
            "dlm-kmp-rt": "4.12.14-10.124.1",
            "gfs2-kmp-rt": "4.12.14-10.124.1",
            "kernel-rt_debug": "4.12.14-10.124.1",
            "kernel-rt-devel": "4.12.14-10.124.1",
            "cluster-md-kmp-rt": "4.12.14-10.124.1",
            "kernel-rt_debug-devel": "4.12.14-10.124.1",
            "kernel-source-rt": "4.12.14-10.124.1",
            "kernel-rt": "4.12.14-10.124.1",
            "ocfs2-kmp-rt": "4.12.14-10.124.1",
            "kernel-syms-rt": "4.12.14-10.124.1",
            "kernel-rt-base": "4.12.14-10.124.1"
        }
    ]
}