SUSE-SU-2023:4349-1

Source
https://www.suse.com/support/update/announcement/2023/suse-su-20234349-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:4349-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2023:4349-1
Published
2023-11-02T14:40:35Z
Modified
2023-11-02T14:40:35Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bug fixes.

The following security bugs were fixed:

  • CVE-2023-31085: Fixed a divide-by-zero error in do_div(sz,mtd->erasesize) that could cause a local DoS. (bsc#1210778)
  • CVE-2023-45862: Fixed an issue in the ENE UB6250 reader driver where an object could potentially extend beyond the end of an allocation causing. (bsc#1216051)
  • CVE-2023-34324: Fixed a possible deadlock in Linux kernel event handling. (bsc#1215745)
  • CVE-2023-39189: Fixed a flaw in the Netfilter subsystem that could allow a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure. (bsc#1216046)

The following non-security bugs were fixed:

  • 9p: virtio: make sure 'offs' is initialized in zc_request (git-fixes).
  • audit: fix potential double free on error path from fsnotify_add_inode_mark (git-fixes).
  • CKC: Clarify usage
  • crypto: virtio: Fix use-after-free in virtio_crypto_skcipher_finalize_req() (git-fixes).
  • iommu/amd: Fix IOMMU interrupt generation in X2APIC mode (bsc#1206010).
  • iommu/amd: Remove useless irq affinity notifier (bsc#1206010).
  • iommu/amd: Set iommu->int_enabled consistently when interrupts are set up (bsc#1206010).
  • kabi: iommu/amd: Fix IOMMU interrupt generation in X2APIC mode (bsc#1206010).
  • KVM: s390: fix sthyi error handling (git-fixes bsc#1216107).
  • memcg: drop kmem.limit_in_bytes (bsc#1208788)
  • mm, memcg: reconsider kmem.limit_in_bytes deprecation (bsc#1208788 bsc#1213705).
  • net: usb: dm9601: fix uninitialized variable use in dm9601_mdio_read (git-fixes).
  • net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg (git-fixes).
  • ratelimit: Fix data-races in ___ratelimit() (git-fixes).
  • ring-buffer: Fix bytes info in per_cpu buffer stats (git-fixes).
  • s390/pci: fix iommu bitmap allocation (git-fixes bsc#1216513).
  • s390/ptrace: fix setting syscall number (git-fixes bsc#1216340).
  • s390/vdso: add missing FORCE to build targets (git-fixes bsc#1216140).
  • s390/zcrypt: change reply buffer size offering (LTC#203322 bsc#1213950).
  • s390/zcrypt: fix reply buffer calculations for CCA replies (LTC#203322 bsc#1213950).
  • sched: Avoid scale real weight down to zero (git fixes (sched)).
  • sched: correct SD_flags returned by tl->sd_flags() (git fixes (sched)).
  • sched: Reenable interrupts in do_sched_yield() (git fixes (sched)).
  • sched/core: Fix migration to invalid CPU in __set_cpus_allowed_ptr() (git fixes (sched)).
  • sched/core: Mitigate race cpus_share_cache()/update_top_cache_domain() (git fixes (sched)).
  • sched/fair: Do not balance task to its current running CPU (git fixes (sched)).
  • sched/rt: Minimize rq->lock contention in do_sched_rt_period_timer() (git fixes (sched)).
  • sched/rt: Restore rt_runtime after disabling RT_RUNTIME_SHARE (git fixes (sched)).
  • scsi: zfcp: Defer fc_rport blocking until after ADISC response (LTC#203327 bsc#1213977 git-fixes).
  • scsi: zfcp: Fix a double put in zfcp_port_enqueue() (git-fixes bsc#1216514).
  • tools/thermal: Fix possible path truncations (git-fixes).
  • tracing: Fix cpu buffers unavailable due to 'record_disabled' missed (git-fixes).
  • tracing: Fix memleak due to race between current_tracer and trace (git-fixes).
  • tracing: Fix race issue between cpu buffer write and swap (git-fixes).
  • uas: Add US_FL_NO_REPORT_OPCODES for JMicron JMS583Gen 2 (git-fixes).
  • usb: serial: cp210x: add Silicon Labs IFS-USB-DATACABLE IDs (git-fixes).
  • usb: typec: altmodes/displayport: Fix configure initial pin assignment (git-fixes).
  • usb: typec: altmodes/displayport: fix pin_assignment_show (git-fixes).
  • use optional first argument as a base-ref instead of upstream branch
  • vhost-scsi: unbreak any layout for response (git-fixes).
  • virtio_balloon: fix deadlock on OOM (git-fixes).
  • virtio_balloon: fix increment of vb->num_pfns in fill_balloon() (git-fixes).
  • virtio_net: Fix error unwinding of XDP initialization (git-fixes).
  • virtio: Protect vqs list access (git-fixes).
  • vsock/virtio: add transport parameter to the virtio_transport_reset_no_sock() (git-fixes).
  • xen-netback: use default TX queue size for vifs (git-fixes).
  • xen/x86: obtain full video frame buffer address for Dom0 also under EFI (bsc#1215743).
  • xen/x86: obtain upper 32 bits of video frame buffer address for Dom0 (bsc#1215743).
Affected packages

SUSE:Linux Enterprise High Availability Extension 12 SP5 / kernel-default

Package

Name
kernel-default
Purl
purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
4.12.14-122.183.1

Ecosystem specific

{
    "binaries": [
        {
            "dlm-kmp-default": "4.12.14-122.183.1",
            "gfs2-kmp-default": "4.12.14-122.183.1",
            "ocfs2-kmp-default": "4.12.14-122.183.1",
            "cluster-md-kmp-default": "4.12.14-122.183.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP5 / kernel-default

Package

Name
kernel-default
Purl
purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
4.12.14-122.183.1

Ecosystem specific

{
    "binaries": [
        {
            "kgraft-patch-4_12_14-122_183-default": "1-8.3.1",
            "kernel-default-kgraft": "4.12.14-122.183.1",
            "kernel-default-kgraft-devel": "4.12.14-122.183.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP5 / kgraft-patch-SLE12-SP5_Update_50

Package

Name
kgraft-patch-SLE12-SP5_Update_50
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP5_Update_50&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1-8.3.1

Ecosystem specific

{
    "binaries": [
        {
            "kgraft-patch-4_12_14-122_183-default": "1-8.3.1",
            "kernel-default-kgraft": "4.12.14-122.183.1",
            "kernel-default-kgraft-devel": "4.12.14-122.183.1"
        }
    ]
}

SUSE:Linux Enterprise Software Development Kit 12 SP5 / kernel-docs

Package

Name
kernel-docs
Purl
purl:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
4.12.14-122.183.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-docs": "4.12.14-122.183.1",
            "kernel-obs-build": "4.12.14-122.183.1"
        }
    ]
}

SUSE:Linux Enterprise Software Development Kit 12 SP5 / kernel-obs-build

Package

Name
kernel-obs-build
Purl
purl:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
4.12.14-122.183.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-docs": "4.12.14-122.183.1",
            "kernel-obs-build": "4.12.14-122.183.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP5 / kernel-default

Package

Name
kernel-default
Purl
purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
4.12.14-122.183.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.12.14-122.183.1",
            "kernel-devel": "4.12.14-122.183.1",
            "kernel-default-base": "4.12.14-122.183.1",
            "kernel-default-man": "4.12.14-122.183.1",
            "kernel-default": "4.12.14-122.183.1",
            "kernel-source": "4.12.14-122.183.1",
            "kernel-syms": "4.12.14-122.183.1",
            "kernel-default-devel": "4.12.14-122.183.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP5 / kernel-source

Package

Name
kernel-source
Purl
purl:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
4.12.14-122.183.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.12.14-122.183.1",
            "kernel-devel": "4.12.14-122.183.1",
            "kernel-default-base": "4.12.14-122.183.1",
            "kernel-default-man": "4.12.14-122.183.1",
            "kernel-default": "4.12.14-122.183.1",
            "kernel-source": "4.12.14-122.183.1",
            "kernel-syms": "4.12.14-122.183.1",
            "kernel-default-devel": "4.12.14-122.183.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP5 / kernel-syms

Package

Name
kernel-syms
Purl
purl:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
4.12.14-122.183.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.12.14-122.183.1",
            "kernel-devel": "4.12.14-122.183.1",
            "kernel-default-base": "4.12.14-122.183.1",
            "kernel-default-man": "4.12.14-122.183.1",
            "kernel-default": "4.12.14-122.183.1",
            "kernel-source": "4.12.14-122.183.1",
            "kernel-syms": "4.12.14-122.183.1",
            "kernel-default-devel": "4.12.14-122.183.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / kernel-default

Package

Name
kernel-default
Purl
purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
4.12.14-122.183.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.12.14-122.183.1",
            "kernel-devel": "4.12.14-122.183.1",
            "kernel-default-base": "4.12.14-122.183.1",
            "kernel-default-man": "4.12.14-122.183.1",
            "kernel-default": "4.12.14-122.183.1",
            "kernel-source": "4.12.14-122.183.1",
            "kernel-syms": "4.12.14-122.183.1",
            "kernel-default-devel": "4.12.14-122.183.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / kernel-source

Package

Name
kernel-source
Purl
purl:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
4.12.14-122.183.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.12.14-122.183.1",
            "kernel-devel": "4.12.14-122.183.1",
            "kernel-default-base": "4.12.14-122.183.1",
            "kernel-default-man": "4.12.14-122.183.1",
            "kernel-default": "4.12.14-122.183.1",
            "kernel-source": "4.12.14-122.183.1",
            "kernel-syms": "4.12.14-122.183.1",
            "kernel-default-devel": "4.12.14-122.183.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / kernel-syms

Package

Name
kernel-syms
Purl
purl:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
4.12.14-122.183.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.12.14-122.183.1",
            "kernel-devel": "4.12.14-122.183.1",
            "kernel-default-base": "4.12.14-122.183.1",
            "kernel-default-man": "4.12.14-122.183.1",
            "kernel-default": "4.12.14-122.183.1",
            "kernel-source": "4.12.14-122.183.1",
            "kernel-syms": "4.12.14-122.183.1",
            "kernel-default-devel": "4.12.14-122.183.1"
        }
    ]
}

SUSE:Linux Enterprise Workstation Extension 12 SP5 / kernel-default

Package

Name
kernel-default
Purl
purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
4.12.14-122.183.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-extra": "4.12.14-122.183.1"
        }
    ]
}