SUSE-SU-2023:3329-1

Source
https://www.suse.com/support/update/announcement/2023/suse-su-20233329-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:3329-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2023:3329-1
Related
Published
2023-08-16T06:51:52Z
Modified
2023-08-16T06:51:52Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2022-40982: Fixed transient execution attack called 'Gather Data Sampling' (bsc#1206418).
  • CVE-2023-0459: Fixed information leak in _uaccessbegin_nospec (bsc#1211738).
  • CVE-2023-20569: Fixed side channel attack ‘Inception’ or ‘RAS Poisoning’ (bsc#1213287).
  • CVE-2023-3567: Fixed a use-after-free in vcsread in drivers/tty/vt/vcscreen.c (bsc#1213167).
  • CVE-2023-3609: Fixed reference counter leak leading to overflow in net/sched (bsc#1213586).
  • CVE-2023-3611: Fixed an out-of-bounds write in net/sched sch_qfq(bsc#1213585).
  • CVE-2023-3776: Fixed improper refcount update in cls_fw leads to use-after-free (bsc#1213588).

The following non-security bugs were fixed:

  • fix double fget() in vhostnetset_backend() (git-fixes).
  • nfsv4.1: always send a reclaim_complete after establishing lease (git-fixes).
  • sunrpc: fix uaf in svctcplistendataready() (git-fixes).
  • sunrpc: remove the maximum number of retries in callbindstatus (git-fixes).
  • update suse/s390-dasd-fix-no-record-found-for-rawtrackaccess (git-fixes bsc#1212266 bsc#1207528).
  • update suse/scsi-zfcp-fix-missing-auto-port-scan-and-thus-missing-target-ports (git-fixes bsc#1202670).
  • block: fix a source code comment in include/uapi/linux/blkzoned.h (git-fixes).
  • kabi fix test
  • kernel-binary.spec.in: remove superfluous %% in supplements fixes: 02b7735e0caf ('rpm/kernel-binary.spec.in: add enhances and supplements tags to in-tree kmps')
  • livepatch: check kzalloc return values (git-fixes).
  • media: videodev2.h: fix struct v4l2_input tuner index comment (git-fixes).
  • net/sched: sch_qfq: refactor parsing of netlink parameters (bsc#1213585).
  • net: skip virtionethdrsetproto if protocol already set (git-fixes).
  • net: virtionethdrtoskb: count transport header in ufo (git-fixes).
  • nfsd: fix double fget() bug in _writeports_addfd() (git-fixes).
  • powerpc/64: update speculationstorebypass in /proc/<pid>/status (bsc#1188885 ltc#193722 git-fixes).
  • powerpc/security: fix speculationstorebypass reporting on power10 (bsc#1188885 ltc#193722 git-fixes).
  • rpm/check-for-config-changes: ignore also riscvisa* and dynamicsigframe they depend on configtoolchainhas*.
  • s390/cio: add dev_busid sysfs entry for each subchannel (bsc#1207526).
  • s390/cio: check the subchannel validity for dev_busid (bsc#1207526).
  • s390/cio: introduce iosubchanneltype (bsc#1207526).
  • s390/cpum_sf: adjust sampling interval to avoid hitting sample limits (git-fixes bsc#1213827).
  • s390/maccess: add no dat mode to kernel_write (git-fixes bsc#1213825).
  • s390/numa: move initial setup of nodetocpumask_map (git-fixes bsc#1213766).
  • scsi: qla2xxx: adjust iocb resource on qpair create (bsc#1213747).
  • scsi: qla2xxx: array index may go out of bound (bsc#1213747).
  • scsi: qla2xxx: avoid fcport pointer dereference (bsc#1213747).
  • scsi: qla2xxx: check valid rport returned by fcbsgto_rport() (bsc#1213747).
  • scsi: qla2xxx: correct the index of array (bsc#1213747).
  • scsi: qla2xxx: drop useless list_head (bsc#1213747).
  • scsi: qla2xxx: fix null pointer dereference in target mode (bsc#1213747).
  • scsi: qla2xxx: fix tmf leak through (bsc#1213747).
  • scsi: qla2xxx: fix buffer overrun (bsc#1213747).
  • scsi: qla2xxx: fix command flush during tmf (bsc#1213747).
  • scsi: qla2xxx: fix deletion race condition (bsc#1213747).
  • scsi: qla2xxx: fix end of loop test (bsc#1213747).
  • scsi: qla2xxx: fix erroneous link up failure (bsc#1213747).
  • scsi: qla2xxx: fix error code in qla2x00startsp() (bsc#1213747).
  • scsi: qla2xxx: fix potential null pointer dereference (bsc#1213747).
  • scsi: qla2xxx: fix session hang in gnl (bsc#1213747).
  • scsi: qla2xxx: limit tmf to 8 per function (bsc#1213747).
  • scsi: qla2xxx: pointer may be dereferenced (bsc#1213747).
  • scsi: qla2xxx: remove unused nvmelswaitq wait queue (bsc#1213747).
  • scsi: qla2xxx: silence a static checker warning (bsc#1213747).
  • scsi: qla2xxx: turn off noisy message log (bsc#1213747).
  • scsi: qla2xxx: update version to 10.02.08.400-k (bsc#1213747).
  • scsi: qla2xxx: update version to 10.02.08.500-k (bsc#1213747).
  • scsi: qla2xxx: fix inconsistent tmf timeout (bsc#1213747).
  • svcrdma: prevent page release when nothing was received (git-fixes).
  • vfio-ccw: prevent quiesce function going into an infinite loop (git-fixes bsc#1213819).
  • vfio-ccw: release any channel program when releasing/removing vfio-ccw mdev (git-fixes bsc#1213823).
  • vhost/test: fix build for vhost test (git-fixes).
  • vhost/vsock: use kvmalloc/kvfree for larger packets (git-fixes).
  • vhost/vsock: do not check owner in vhostvsockstop() while releasing (git-fixes).
  • vhost/vsock: fix incorrect used length reported to the guest (git-fixes).
  • vhost/vsock: fix packet delivery order to monitoring devices (git-fixes).
  • vhost/vsock: split packets to send using multiple buffers (git-fixes).
  • vhost: fix the calculation in vhost_overflow() (git-fixes).
  • vhost_net: disable zerocopy by default (git-fixes).
  • vhost_net: fix oob on sendmsg() failure (git-fixes).
  • virtio-balloon: fix managed page counts when migrating pages between zones (git-fixes).
  • virtio-mmio: fix missing putdevice() when vmcmdline_parent registration failed (git-fixes).
  • virtio-net: keep stop() to follow mirror sequence of open() (git-fixes).
  • virtio-pci: remove wrong address verification in vpdelvqs() (git-fixes).
  • virtio: improve vq->broken access to avoid any compiler optimization (git-fixes).
  • virtionet: fix error handling in virtnetrestore() (git-fixes).
  • virtionet: bugfix overflow inside xdplinearize_page() (git-fixes).
  • virtionet: fix xdprxq_info bug after suspend/resume (git-fixes).
  • virtio_ring: fix querying of maximum dma mapping size for virtio device (git-fixes).
  • vringh: use wiov->used to check for read/write desc order (git-fixes).
  • vringh: fix _vringhiov() when riov and wiov are different (git-fixes).
  • vsock/virtio: stop workers during the .remove() (git-fixes).
  • vsock/virtio: use rcu to avoid use-after-free on thevirtiovsock (git-fixes).
  • xen/blkfront: Only check REQ_FUA for writes (git-fixes).
References

Affected packages

SUSE:Linux Enterprise Real Time 12 SP5 / kernel-rt

Package

Name
kernel-rt
Purl
purl:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-10.138.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "4.12.14-10.138.1",
            "dlm-kmp-rt": "4.12.14-10.138.1",
            "gfs2-kmp-rt": "4.12.14-10.138.1",
            "kernel-rt_debug": "4.12.14-10.138.1",
            "kernel-rt-devel": "4.12.14-10.138.1",
            "cluster-md-kmp-rt": "4.12.14-10.138.1",
            "kernel-rt_debug-devel": "4.12.14-10.138.1",
            "kernel-source-rt": "4.12.14-10.138.1",
            "kernel-rt": "4.12.14-10.138.1",
            "ocfs2-kmp-rt": "4.12.14-10.138.1",
            "kernel-syms-rt": "4.12.14-10.138.1",
            "kernel-rt-base": "4.12.14-10.138.1"
        }
    ]
}

SUSE:Linux Enterprise Real Time 12 SP5 / kernel-rt_debug

Package

Name
kernel-rt_debug
Purl
purl:rpm/suse/kernel-rt_debug&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-10.138.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "4.12.14-10.138.1",
            "dlm-kmp-rt": "4.12.14-10.138.1",
            "gfs2-kmp-rt": "4.12.14-10.138.1",
            "kernel-rt_debug": "4.12.14-10.138.1",
            "kernel-rt-devel": "4.12.14-10.138.1",
            "cluster-md-kmp-rt": "4.12.14-10.138.1",
            "kernel-rt_debug-devel": "4.12.14-10.138.1",
            "kernel-source-rt": "4.12.14-10.138.1",
            "kernel-rt": "4.12.14-10.138.1",
            "ocfs2-kmp-rt": "4.12.14-10.138.1",
            "kernel-syms-rt": "4.12.14-10.138.1",
            "kernel-rt-base": "4.12.14-10.138.1"
        }
    ]
}

SUSE:Linux Enterprise Real Time 12 SP5 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
purl:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-10.138.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "4.12.14-10.138.1",
            "dlm-kmp-rt": "4.12.14-10.138.1",
            "gfs2-kmp-rt": "4.12.14-10.138.1",
            "kernel-rt_debug": "4.12.14-10.138.1",
            "kernel-rt-devel": "4.12.14-10.138.1",
            "cluster-md-kmp-rt": "4.12.14-10.138.1",
            "kernel-rt_debug-devel": "4.12.14-10.138.1",
            "kernel-source-rt": "4.12.14-10.138.1",
            "kernel-rt": "4.12.14-10.138.1",
            "ocfs2-kmp-rt": "4.12.14-10.138.1",
            "kernel-syms-rt": "4.12.14-10.138.1",
            "kernel-rt-base": "4.12.14-10.138.1"
        }
    ]
}

SUSE:Linux Enterprise Real Time 12 SP5 / kernel-syms-rt

Package

Name
kernel-syms-rt
Purl
purl:rpm/suse/kernel-syms-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-10.138.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "4.12.14-10.138.1",
            "dlm-kmp-rt": "4.12.14-10.138.1",
            "gfs2-kmp-rt": "4.12.14-10.138.1",
            "kernel-rt_debug": "4.12.14-10.138.1",
            "kernel-rt-devel": "4.12.14-10.138.1",
            "cluster-md-kmp-rt": "4.12.14-10.138.1",
            "kernel-rt_debug-devel": "4.12.14-10.138.1",
            "kernel-source-rt": "4.12.14-10.138.1",
            "kernel-rt": "4.12.14-10.138.1",
            "ocfs2-kmp-rt": "4.12.14-10.138.1",
            "kernel-syms-rt": "4.12.14-10.138.1",
            "kernel-rt-base": "4.12.14-10.138.1"
        }
    ]
}