SUSE-SU-2024:0113-1

Source
https://www.suse.com/support/update/announcement/2024/suse-su-20240113-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2024:0113-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2024:0113-1
Published
2024-01-16T12:29:32Z
Modified
2024-01-16T12:29:32Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bug fixes.

The following security bugs were fixed:

  • CVE-2023-6610: Fixed an out of bounds read in the SMB client when printing debug information (bsc#1217946).
  • CVE-2022-2586: Fixed a use-after-free which can be triggered when a nft table is deleted (bsc#1202095).
  • CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218559).
  • CVE-2020-26555: Fixed Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B that may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN (bsc#1179610 bsc#1215237).
  • CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component that could lead to local privilege escalation (bsc#1218258).
  • CVE-2023-6606: Fixed an out of bounds read in the SMB client when receiving a malformed length from a server (bsc#1217947).
  • CVE-2023-6932: Fixed a use-after-free vulnerability in the Linux kernel's ipv4: igmp component that could lead to local privilege escalation (bsc#1218253).
  • CVE-2023-6121: Fixed an out-of-bounds read vulnerability in the NVMe-oF/TCP subsystem that could lead to information leak (bsc#1217250).

The following non-security bugs were fixed:

  • Fix termination state for idr_for_each_entry_ul() (bsc#1109837).
  • Input: powermate - fix use-after-free in powermate_config_complete (git-fixes).
  • KVM: s390/mm: Properly reset no-dat (git-fixes bsc#1218057).
  • KVM: s390: vsie: fix wrong VIR 37 when MSO is used (git-fixes bsc#1217936).
  • Limit kernel-source build to architectures for which the kernel binary is built (bsc#1108281).
  • PCI: Disable ATS for specific Intel IPU E2000 devices (bsc#1218622).
  • Resolve build warnings from previous series due to missing commit for Ice Lake freerunning counters perf/x86/intel/uncore: Add box_offsets for free-running counters (jsc#PED-5023 bsc#1211439).
  • Revert 'Limit kernel-source-azure build to architectures for which we build binaries (bsc#1108281).'
  • bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent (git-fixes).
  • bcache: Remove unnecessary NULL point check in node allocations (git-fixes).
  • bcache: add code comments for bch_btree_node_get() and __bch_btree_node_alloc() (git-fixes).
  • bcache: check return value from btree_node_alloc_replacement() (git-fixes).
  • bcache: prevent potential division by zero error (git-fixes).
  • bcache: replace a mistaken IS_ERR() by IS_ERR_OR_NULL() in btree_gc_coalesce() (git-fixes).
  • bcache: revert replacing IS_ERR_OR_NULL with IS_ERR (git-fixes).
  • dm cache policy smq: ensure IO does not prevent cleaner policy progress (git-fixes).
  • dm cache: add cond_resched() to various workqueue loops (git-fixes).
  • dm crypt: add cond_resched() to dmcrypt_write() (git-fixes).
  • dm flakey: do not corrupt the zero page (git-fixes).
  • dm flakey: fix a crash with invalid table line (git-fixes).
  • dm flakey: fix logic when corrupting a bio (git-fixes).
  • dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path (git-fixes).
  • dm raid: fix missing reconfig_mutex unlock in raid_ctr() error paths (git-fixes).
  • dm stats: check for and propagate alloc_percpu failure (git-fixes).
  • dm thin: add cond_resched() to various workqueue loops (git-fixes).
  • dm verity: do not perform FEC for failed readahead IO (git-fixes).
  • dm verity: fix error handling for check_at_most_once on FEC (git-fixes).
  • dm verity: skip redundant verity_handle_err() on I/O errors (git-fixes).
  • dm-integrity: do not modify bio's immutable bio_vec in integrity_metadata() (git-fixes).
  • dm-verity: align struct dm_verity_fec_io properly (git-fixes).
  • dm: remove flush_scheduled_work() during local_exit() (git-fixes).
  • doc/README.SUSE: Add how to update the config for module signing (jsc#PED-5021)
  • doc/README.SUSE: Remove how to build modules using kernel-source (jsc#PED-5021)
  • doc/README.SUSE: Simplify the list of references (jsc#PED-5021)
  • gve: Add XDP DROP and TX support for GQI-QPL format (bsc#1214479).
  • gve: Add XDP REDIRECT support for GQI-QPL format (bsc#1214479).
  • gve: Changes to add new TX queues (bsc#1214479).
  • gve: Control path for DQO-QPL (bsc#1214479).
  • gve: Do not fully free QPL pages on prefill errors (bsc#1214479).
  • gve: Fix gve interrupt names (bsc#1214479).
  • gve: Fixes for napi_poll when budget is 0 (bsc#1214479).
  • gve: RX path for DQO-QPL (bsc#1214479).
  • gve: Set default duplex configuration to full (bsc#1214479).
  • gve: Tx path for DQO-QPL (bsc#1214479).
  • gve: Unify duplicate GQ min pkt desc size constants (bsc#1214479).
  • gve: XDP support GQI-QPL: helper function changes (bsc#1214479).
  • gve: fix frag_list chaining (bsc#1214479).
  • gve: trivial spell fix Recive to Receive (bsc#1214479).
  • gve: unify driver name usage (bsc#1214479).
  • ip6_gre: proper dev_{hold|put} in ndo_[un]init methods (git-fixes).
  • ip6_tunnel: sit: proper dev_{hold|put} in ndo_[un]init methods (git-fixes).
  • ip6_vti: proper dev_{hold|put} in ndo_[un]init methods (git-fixes).
  • ipv6/addrconf: fix a potential refcount underflow for idev (git-fixes).
  • ipv6: remove extra dev_hold() for fallback tunnels (git-fixes).
  • md/raid0: add discard support for the 'original' layout (git-fixes).
  • md/raid1: fix error: ISO C90 forbids mixed declarations (git-fixes).
  • md/raid1: free the r1bio before waiting for blocked rdev (git-fixes).
  • md/raid1: hold the barrier until handle_read_error() finishes (git-fixes).
  • md: do not leave 'MD_RECOVERY_FROZEN' in error path of md_set_readonly() (git-fixes).
  • md: raid1: fix potential OOB in raid1_remove_disk() (git-fixes).
  • md: restore 'noio_flag' for the last mddev_resume() (git-fixes).
  • mkspec: Add multibuild support (JSC-SLE#5501, boo#1211226, bsc#1218184) When MULTIBUILD option in config.sh is enabled generate a _multibuild file listing all spec files.
  • nbd: Add the maximum limit of allocated index in nbd_dev_add (git-fixes).
  • nbd: Fix debugfs_create_dir error checking (git-fixes).
  • net/tg3: fix race condition in tg3_reset_task() (bsc#1217801).
  • net/tg3: resolve deadlock in tg3_reset_task() during EEH (bsc#1217801).
  • net: dsa: mv88e6xxx: Fix 88E6141/6341 2500mbps SERDES speed (git-fixes).
  • net: ethernet: ti: cpsw: unsync mcast entries while switch promisc mode (git-fixes).
  • net: macb: disable scatter-gather for macb on sama5d3 (git-fixes).
  • net: stmmac: Move debugfs init/exit to ->probe()/->remove() (git-fixes).
  • net: usb: ax88179_178a: fix failed operations during ax88179_reset (git-fixes).
  • net: usb: qmi_wwan: claim interface 4 for ZTE MF290 (git-fixes).
  • net: usb: smsc95xx: Fix an error code in smsc95xx_reset() (git-fixes).
  • net: usb: smsc95xx: Fix uninit-value access in smsc95xx_read_reg (git-fixes).
  • netfilter: compat: prepare xt_compat_init_offsets to return errors (git-fixes).
  • netfilter: compat: reject huge allocation requests (git-fixes).
  • netfilter: ebtables: also count base chain policies (git-fixes).
  • netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present (git-fixes).
  • netfilter: ebtables: do not attempt to allocate 0-sized compat array (git-fixes).
  • netfilter: nf_tables: fix use-after-free when deleting compat expressions (git-fixes).
  • netfilter: nft_compat: use-after-free when deleting targets (git-fixes).
  • netfilter: preserve KABI for xt_compat_init_offsets (git-fixes).
  • nvme: sanitize metadata bounce buffer for reads (git-fixes).
  • perf/x86/cstate: Add Rocket Lake CPU support (jsc#PED-5023 bsc#1211439).
  • perf/x86/cstate: Add Tiger Lake CPU support (jsc#PED-5023 bsc#1211439).
  • perf/x86/cstate: Update C-state counters for Ice Lake (jsc#PED-5023 bsc#1211439).
  • perf/x86/intel/uncore: Add Comet Lake support (jsc#PED-5023 bsc#1211439).
  • perf/x86/intel/uncore: Add IMC uncore support for Snow Ridge (jsc#PED-5023 bsc#1211439).
  • perf/x86/intel/uncore: Add Ice Lake server uncore support (jsc#PED-5023 bsc#1211439).
  • perf/x86/intel/uncore: Add Rocket Lake support (jsc#PED-5023 bsc#1211439).
  • perf/x86/intel/uncore: Add new IMC PCI IDs for KabyLake, AmberLake and WhiskeyLake CPUs (jsc#PED-5023 bsc#1211439).
  • perf/x86/intel/uncore: Add tabs to Uncore IMC PCI IDs (jsc#PED-5023 bsc#1211439).
  • perf/x86/intel/uncore: Add uncore support for Snow Ridge server (jsc#PED-5023 bsc#1211439).
  • perf/x86/intel/uncore: Clean up client IMC (jsc#PED-5023 bsc#1211439).
  • perf/x86/intel/uncore: Factor out __snr_uncore_mmio_init_box (jsc#PED-5023 bsc#1211439).
  • perf/x86/intel/uncore: Factor out box ref/unref functions (jsc#PED-5023 bsc#1211439).
  • perf/x86/intel/uncore: Fix CAS_COUNT_WRITE issue for ICX (jsc#PED-5023 bsc#1211439 (git-fixes)).
  • perf/x86/intel/uncore: Fix IIO event constraints for Snowridge (jsc#PED-5023 bsc#1211439 (git-fixes)).
  • perf/x86/intel/uncore: Fix Intel ICX IIO event constraints (jsc#PED-5023 bsc#1211439 (git-fixes)).
  • perf/x86/intel/uncore: Fix M2M event umask for Ice Lake server (jsc#PED-5023 bsc#1211439 (git-fixes)).
  • perf/x86/intel/uncore: Fix broken read_counter() for SNB IMC PMU (jsc#PED-5023 bsc#1211439 (git-fixes)).
  • perf/x86/intel/uncore: Fix integer overflow on 23 bit left shift of a u32 (jsc#PED-5023 bsc#1211439 (git-fixes)).
  • perf/x86/intel/uncore: Fix missing marker for snr_uncore_imc_freerunning_events (jsc#PED-5023 bsc#1211439 (git-fixes)).
  • perf/x86/intel/uncore: Fix oops when counting IMC uncore events on some TGL (jsc#PED-5023 bsc#1211439 (git-fixes)).
  • perf/x86/intel/uncore: Fix reference count leak in __uncore_imc_init_box() (jsc#PED-5023 bsc#1211439 (git-fixes)).
  • perf/x86/intel/uncore: Fix reference count leak in snr_uncore_mmio_map() (jsc#PED-5023 bsc#1211439 (git-fixes)).
  • perf/x86/intel/uncore: Fix the scale of the IMC free-running events (jsc#PED-5023 bsc#1211439 (git-fixes)).
  • perf/x86/intel/uncore: Split the Ice Lake and Tiger Lake MSR uncore support (jsc#PED-5023 bsc#1211439).
  • perf/x86/intel/uncore: Support MMIO type uncore blocks (jsc#PED-5023 bsc#1211439).
  • perf/x86/intel/uncore: Support extra IMC channel on Ice Lake server (jsc#PED-5023 bsc#1211439 (git-fixes)).
  • perf/x86/intel/uncore: Update Ice Lake uncore units (jsc#PED-5023 bsc#1211439).
  • perf/x86/intel: Add Icelake desktop CPUID (jsc#PED-5023 bsc#1211439).
  • perf/x86/intel: Add Rocket Lake CPU support (jsc#PED-5023 bsc#1211439).
  • perf/x86/intel: Add Tiger Lake CPU support (jsc#PED-5023 bsc#1211439).
  • perf/x86/intel: Add more Icelake CPUIDs (jsc#PED-5023 bsc#1211439).
  • perf/x86/intel: Fix Ice Lake event constraint table (jsc#PED-5023 bsc#1211439).
  • perf/x86/intel: Fix invalid Bit 13 for Icelake MSR_OFFCORE_RSP_x register (jsc#PED-5023 bsc#1211439).
  • perf/x86/intel: Mark expected switch fall-throughs (jsc#PED-5023 bsc#1211439).
  • perf/x86/msr: Add Comet Lake CPU support (jsc#PED-5023 bsc#1211439).
  • perf/x86/msr: Add Rocket Lake CPU support (jsc#PED-5023 bsc#1211439).
  • perf/x86/msr: Add Tiger Lake CPU support (jsc#PED-5023 bsc#1211439).
  • perf/x86/msr: Add new CPU model numbers for Ice Lake (jsc#PED-5023 bsc#1211439).
  • perf/x86/rapl: Add Ice Lake RAPL support (jsc#PED-5023 bsc#1211439).
  • perf/x86: Add Intel Ice Lake NNPI uncore support (jsc#PED-5023 bsc#1211439).
  • perf/x86: Add Intel Tiger Lake uncore support (jsc#PED-5023 bsc#1211439).
  • r8152: Add RTL8152_INACCESSIBLE checks to more loops (git-fixes).
  • r8152: Add RTL8152_INACCESSIBLE to r8153_aldps_en() (git-fixes).
  • r8152: Cancel hw_phy_work if we have an error in probe (git-fixes).
  • r8152: Increase USB control msg timeout to 5000ms as per spec (git-fixes).
  • r8152: Rename RTL8152_UNPLUG to RTL8152_INACCESSIBLE (git-fixes).
  • r8152: Run the unload routine if we have errors during probe (git-fixes).
  • rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails (git-fixes).
  • ring-buffer: Fix memory leak of free page (git-fixes).
  • s390/vx: fix save/restore of fpu kernel context (git-fixes bsc#1218362).
  • sit: proper dev_{hold|put} in ndo_[un]init methods (git-fixes).
  • tcp: fix under-evaluated ssthresh in TCP Vegas (git-fixes).
  • tracing: Always update snapshot buffer size (git-fixes).
  • tracing: Disable snapshot buffer when stopping instance tracers (git-fixes).
  • tracing: Fix a possible race when disabling buffered events (bsc#1217036).
  • tracing: Fix a warning when allocating buffered events fails (bsc#1217036).
  • tracing: Fix incomplete locking when disabling buffered events (bsc#1217036).
  • tracing: Fix warning in trace_buffered_event_disable() (git-fixes, bsc#1217036).
  • tracing: Stop current tracer when resizing buffer (git-fixes).
  • tracing: Update snapshot buffer on resize if it is allocated (git-fixes).
  • tracing: relax trace_event_eval_update() execution with cond_resched() (git-fixes).
  • usb: config: fix iteration issue in 'usb_get_bos_descriptor()' (git-fixes).
  • x86/cpu: Add Comet Lake to the Intel CPU models header (jsc#PED-5023 bsc#1211439).
  • x86/cpu: Add Ice Lake NNPI to Intel family (jsc#PED-5023 bsc#1211439).
  • x86/cpu: Add Lakefield, Alder Lake and Rocket Lake models to the to Intel CPU family (jsc#PED-5023 bsc#1211439).
  • x86/cpu: Add Sapphire Rapids CPU model number (jsc#PED-5023 bsc#1211439).
  • x86/cpu: Add Tiger Lake to Intel family (jsc#PED-5023 bsc#1211439).
  • xfrm6: fix inet6_dev refcount underflow problem (git-fixes).
  • xfrm: reuse uncached_list to track xdsts (git-fixes).
  • xhci: Clear EHB bit only at end of interrupt handler (git-fixes).
  • xsk: Fix incorrect netdev reference count (git-fixes).
Affected packages

SUSE:Linux Enterprise Server 12 SP5 / kernel-azure

Package

Name
kernel-azure
Purl
purl:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
4.12.14-16.163.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.163.1",
            "kernel-azure-devel": "4.12.14-16.163.1",
            "kernel-devel-azure": "4.12.14-16.163.1",
            "kernel-syms-azure": "4.12.14-16.163.1",
            "kernel-azure-base": "4.12.14-16.163.1",
            "kernel-source-azure": "4.12.14-16.163.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP5 / kernel-source-azure

Package

Name
kernel-source-azure
Purl
purl:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
4.12.14-16.163.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.163.1",
            "kernel-azure-devel": "4.12.14-16.163.1",
            "kernel-devel-azure": "4.12.14-16.163.1",
            "kernel-syms-azure": "4.12.14-16.163.1",
            "kernel-azure-base": "4.12.14-16.163.1",
            "kernel-source-azure": "4.12.14-16.163.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP5 / kernel-syms-azure

Package

Name
kernel-syms-azure
Purl
purl:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
4.12.14-16.163.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.163.1",
            "kernel-azure-devel": "4.12.14-16.163.1",
            "kernel-devel-azure": "4.12.14-16.163.1",
            "kernel-syms-azure": "4.12.14-16.163.1",
            "kernel-azure-base": "4.12.14-16.163.1",
            "kernel-source-azure": "4.12.14-16.163.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / kernel-azure

Package

Name
kernel-azure
Purl
purl:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
4.12.14-16.163.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.163.1",
            "kernel-azure-devel": "4.12.14-16.163.1",
            "kernel-devel-azure": "4.12.14-16.163.1",
            "kernel-syms-azure": "4.12.14-16.163.1",
            "kernel-azure-base": "4.12.14-16.163.1",
            "kernel-source-azure": "4.12.14-16.163.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / kernel-source-azure

Package

Name
kernel-source-azure
Purl
purl:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
4.12.14-16.163.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.163.1",
            "kernel-azure-devel": "4.12.14-16.163.1",
            "kernel-devel-azure": "4.12.14-16.163.1",
            "kernel-syms-azure": "4.12.14-16.163.1",
            "kernel-azure-base": "4.12.14-16.163.1",
            "kernel-source-azure": "4.12.14-16.163.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / kernel-syms-azure

Package

Name
kernel-syms-azure
Purl
purl:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
4.12.14-16.163.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.163.1",
            "kernel-azure-devel": "4.12.14-16.163.1",
            "kernel-devel-azure": "4.12.14-16.163.1",
            "kernel-syms-azure": "4.12.14-16.163.1",
            "kernel-azure-base": "4.12.14-16.163.1",
            "kernel-source-azure": "4.12.14-16.163.1"
        }
    ]
}