Bug 1212502 (CVE-2023-3268)

Summary: VUL-0: CVE-2023-3268: kernel: out-of-bounds access in relay_file_read
Product: [Novell Products] SUSE Security Incidents Reporter: Thomas Leroy <thomas.leroy>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: jlee, security-team
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/369734/
Whiteboard: CVSSv3.1:SUSE:CVE-2023-3268:6.1:(AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L)
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Thomas Leroy 2023-06-19 09:24:01 UTC 
CVE-2023-3268

An out of bounds (OOB) memory access flaw was found in the Linux kernel in
relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could
allow a local attacker to crash the system or leak kernel internal information.

Upstream fix:
https://github.com/torvalds/linux/commit/43ec16f1450f4936025a9bdf1a273affdb9732c1

Fixes:
https://github.com/torvalds/linux/commit/8d62fdebdaf9b866c7e236a8f5cfe90e6dba5773

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3268
https://bugzilla.redhat.com/show_bug.cgi?id=2215502
https://www.cve.org/CVERecord?id=CVE-2023-3268
http://www.cvedetails.com/cve/CVE-2023-3268/
https://lore.kernel.org/lkml/1682238502-1892-1-git-send-email-yangpc@wangsu.com/T/
Comment 1 Thomas Leroy 2023-06-19 09:25:28 UTC 
The buggy commit is quite old so all branches are affected:
- SLE15-SP4
- cve/linux-3.0
- cve/linux-4.12
- cve/linux-4.4
- cve/linux-5.3
- stable
Comment 2 Joey Lee 2023-06-20 14:28:45 UTC 
(In reply to Thomas Leroy from comment #1)
> The buggy commit is quite old so all branches are affected:
> - SLE15-SP4
> - cve/linux-3.0
> - cve/linux-4.12
> - cve/linux-4.4
> - cve/linux-5.3
> - stable

update status:

- SLE15-SP4
- cve/linux-3.0
- cve/linux-4.12        [sent]
- cve/linux-4.4
- cve/linux-5.3         [sent]
- stable
Comment 13 Maintenance Automation 2023-07-10 16:30:27 UTC 
SUSE-SU-2023:2804-1: An update that solves 13 vulnerabilities, contains one feature and has 27 fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1160435, 1172073, 1174852, 1190317, 1191731, 1199046, 1205758, 1208600, 1208604, 1209039, 1209779, 1210533, 1210791, 1211089, 1211519, 1211796, 1212051, 1212128, 1212129, 1212154, 1212158, 1212164, 1212165, 1212167, 1212170, 1212173, 1212175, 1212185, 1212236, 1212240, 1212244, 1212266, 1212443, 1212501, 1212502, 1212606, 1212701, 1212842, 1212938
CVE References: CVE-2023-1077, CVE-2023-1079, CVE-2023-1249, CVE-2023-1637, CVE-2023-2002, CVE-2023-3090, CVE-2023-3111, CVE-2023-3141, CVE-2023-3159, CVE-2023-3161, CVE-2023-3268, CVE-2023-3358, CVE-2023-35824
Jira References: SLE-18857
Sources used:
SUSE Linux Enterprise Real Time 12 SP5 (src): kernel-source-rt-4.12.14-10.130.1, kernel-syms-rt-4.12.14-10.130.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 14 Maintenance Automation 2023-07-11 16:32:53 UTC 
SUSE-SU-2023:2808-1: An update that solves 13 vulnerabilities and has 21 fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1160435, 1174852, 1190317, 1205758, 1208600, 1208604, 1209039, 1209779, 1210533, 1211519, 1212051, 1212128, 1212129, 1212154, 1212158, 1212164, 1212165, 1212167, 1212170, 1212173, 1212175, 1212185, 1212236, 1212240, 1212244, 1212266, 1212443, 1212501, 1212502, 1212606, 1212701, 1212842, 1212938
CVE References: CVE-2023-1077, CVE-2023-1079, CVE-2023-1249, CVE-2023-1637, CVE-2023-2002, CVE-2023-3090, CVE-2023-3111, CVE-2023-3141, CVE-2023-3159, CVE-2023-3161, CVE-2023-3268, CVE-2023-3358, CVE-2023-35824
Sources used:
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): kernel-syms-azure-4.12.14-16.139.1, kernel-source-azure-4.12.14-16.139.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (src): kernel-syms-azure-4.12.14-16.139.1, kernel-source-azure-4.12.14-16.139.1
SUSE Linux Enterprise Server 12 SP5 (src): kernel-syms-azure-4.12.14-16.139.1, kernel-source-azure-4.12.14-16.139.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 15 Maintenance Automation 2023-07-12 12:30:15 UTC 
SUSE-SU-2023:2810-1: An update that solves 13 vulnerabilities, contains one feature and has 22 fixes can now be installed.

Category: security (important)
Bug References: 1160435, 1172073, 1187829, 1191731, 1199046, 1199636, 1200217, 1202353, 1205758, 1207088, 1208600, 1209039, 1209342, 1209739, 1210301, 1210469, 1210533, 1210791, 1211089, 1211203, 1211519, 1211592, 1211622, 1211796, 1212128, 1212129, 1212154, 1212158, 1212494, 1212501, 1212502, 1212504, 1212513, 1212606, 1212842
CVE References: CVE-2023-1077, CVE-2023-1249, CVE-2023-2002, CVE-2023-3090, CVE-2023-3141, CVE-2023-3159, CVE-2023-3161, CVE-2023-3268, CVE-2023-3358, CVE-2023-35788, CVE-2023-35823, CVE-2023-35824, CVE-2023-35828
Jira References: SLE-18857
Sources used:
SUSE Real Time Module 15-SP3 (src): kernel-syms-rt-5.3.18-150300.135.1, kernel-source-rt-5.3.18-150300.135.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 16 Maintenance Automation 2023-07-14 11:08:48 UTC 
SUSE-SU-2023:2822-1: An update that solves 13 vulnerabilities, contains one feature and has 27 fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1160435, 1172073, 1174852, 1190317, 1191731, 1199046, 1205758, 1208600, 1208604, 1209039, 1209779, 1210533, 1210791, 1211089, 1211519, 1211796, 1212051, 1212128, 1212129, 1212154, 1212158, 1212164, 1212165, 1212167, 1212170, 1212173, 1212175, 1212185, 1212236, 1212240, 1212244, 1212266, 1212443, 1212501, 1212502, 1212606, 1212701, 1212842, 1212938
CVE References: CVE-2023-1077, CVE-2023-1079, CVE-2023-1249, CVE-2023-1637, CVE-2023-2002, CVE-2023-3090, CVE-2023-3111, CVE-2023-3141, CVE-2023-3159, CVE-2023-3161, CVE-2023-3268, CVE-2023-3358, CVE-2023-35824
Jira References: SLE-18857
Sources used:
SUSE Linux Enterprise Live Patching 12-SP5 (src): kgraft-patch-SLE12-SP5_Update_45-1-8.3.1
SUSE Linux Enterprise Software Development Kit 12 SP5 (src): kernel-obs-build-4.12.14-122.165.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (src): kernel-syms-4.12.14-122.165.1, kernel-source-4.12.14-122.165.1
SUSE Linux Enterprise Server 12 SP5 (src): kernel-syms-4.12.14-122.165.1, kernel-source-4.12.14-122.165.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): kernel-syms-4.12.14-122.165.1, kernel-source-4.12.14-122.165.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 17 Maintenance Automation 2023-07-14 13:14:53 UTC 
SUSE-SU-2023:2830-1: An update that solves 12 vulnerabilities and has four fixes can now be installed.

Category: security (important)
Bug References: 1160435, 1198400, 1208604, 1209039, 1209779, 1210533, 1211449, 1212051, 1212128, 1212129, 1212154, 1212158, 1212501, 1212502, 1212606, 1212842
CVE References: CVE-2023-1079, CVE-2023-1249, CVE-2023-1637, CVE-2023-2002, CVE-2023-3090, CVE-2023-3111, CVE-2023-3141, CVE-2023-3159, CVE-2023-3161, CVE-2023-3268, CVE-2023-3358, CVE-2023-35824
Sources used:
SUSE Linux Enterprise Live Patching 15-SP1 (src): kernel-livepatch-SLE15-SP1_Update_42-1-150100.3.3.1
SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (src): kernel-syms-4.12.14-150100.197.151.1, kernel-source-4.12.14-150100.197.151.1, kernel-obs-build-4.12.14-150100.197.151.1
SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (src): kernel-syms-4.12.14-150100.197.151.1, kernel-source-4.12.14-150100.197.151.1, kernel-obs-build-4.12.14-150100.197.151.1
SUSE Linux Enterprise Server for SAP Applications 15 SP1 (src): kernel-syms-4.12.14-150100.197.151.1, kernel-source-4.12.14-150100.197.151.1, kernel-obs-build-4.12.14-150100.197.151.1
SUSE CaaS Platform 4.0 (src): kernel-syms-4.12.14-150100.197.151.1, kernel-source-4.12.14-150100.197.151.1, kernel-obs-build-4.12.14-150100.197.151.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 18 Maintenance Automation 2023-07-14 21:42:48 UTC 
SUSE-SU-2023:2834-1: An update that solves 13 vulnerabilities and has six fixes can now be installed.

Category: security (important)
Bug References: 1160435, 1187829, 1205758, 1208600, 1209039, 1210533, 1211449, 1211519, 1212128, 1212129, 1212154, 1212158, 1212494, 1212501, 1212502, 1212504, 1212513, 1212606, 1212842
CVE References: CVE-2023-1077, CVE-2023-1249, CVE-2023-2002, CVE-2023-3090, CVE-2023-3141, CVE-2023-3159, CVE-2023-3161, CVE-2023-3268, CVE-2023-3358, CVE-2023-35788, CVE-2023-35823, CVE-2023-35824, CVE-2023-35828
Sources used:
SUSE Linux Enterprise Live Patching 15-SP2 (src): kernel-livepatch-SLE15-SP2_Update_38-1-150200.5.3.1
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): kernel-obs-build-5.3.18-150200.24.157.1, kernel-source-5.3.18-150200.24.157.1, kernel-default-base-5.3.18-150200.24.157.1.150200.9.77.1, kernel-syms-5.3.18-150200.24.157.1
SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): kernel-obs-build-5.3.18-150200.24.157.1, kernel-source-5.3.18-150200.24.157.1, kernel-default-base-5.3.18-150200.24.157.1.150200.9.77.1, kernel-syms-5.3.18-150200.24.157.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): kernel-obs-build-5.3.18-150200.24.157.1, kernel-source-5.3.18-150200.24.157.1, kernel-default-base-5.3.18-150200.24.157.1.150200.9.77.1, kernel-syms-5.3.18-150200.24.157.1
SUSE Enterprise Storage 7 (src): kernel-obs-build-5.3.18-150200.24.157.1, kernel-source-5.3.18-150200.24.157.1, kernel-default-base-5.3.18-150200.24.157.1.150200.9.77.1, kernel-syms-5.3.18-150200.24.157.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 19 Maintenance Automation 2023-07-17 16:38:06 UTC 
SUSE-SU-2023:2859-1: An update that solves 13 vulnerabilities and has 13 fixes can now be installed.

Category: security (important)
Bug References: 1160435, 1172073, 1187829, 1191731, 1199046, 1200217, 1205758, 1208600, 1209039, 1209342, 1210533, 1210791, 1211089, 1211519, 1211796, 1212128, 1212129, 1212154, 1212158, 1212494, 1212501, 1212502, 1212504, 1212513, 1212606, 1212842
CVE References: CVE-2023-1077, CVE-2023-1249, CVE-2023-2002, CVE-2023-3090, CVE-2023-3141, CVE-2023-3159, CVE-2023-3161, CVE-2023-3268, CVE-2023-3358, CVE-2023-35788, CVE-2023-35823, CVE-2023-35824, CVE-2023-35828
Sources used:
SUSE Manager Server 4.2 (src): kernel-default-base-5.3.18-150300.59.127.1.150300.18.74.1, kernel-source-5.3.18-150300.59.127.1
SUSE Enterprise Storage 7.1 (src): kernel-default-base-5.3.18-150300.59.127.1.150300.18.74.1, kernel-syms-5.3.18-150300.59.127.1, kernel-source-5.3.18-150300.59.127.1, kernel-obs-build-5.3.18-150300.59.127.1
SUSE Linux Enterprise Micro 5.1 (src): kernel-default-base-5.3.18-150300.59.127.1.150300.18.74.1
SUSE Linux Enterprise Micro 5.2 (src): kernel-default-base-5.3.18-150300.59.127.1.150300.18.74.1
SUSE Linux Enterprise Micro for Rancher 5.2 (src): kernel-default-base-5.3.18-150300.59.127.1.150300.18.74.1
SUSE Linux Enterprise Live Patching 15-SP3 (src): kernel-livepatch-SLE15-SP3_Update_34-1-150300.7.3.1
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (src): kernel-default-base-5.3.18-150300.59.127.1.150300.18.74.1, kernel-syms-5.3.18-150300.59.127.1, kernel-source-5.3.18-150300.59.127.1, kernel-obs-build-5.3.18-150300.59.127.1
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): kernel-default-base-5.3.18-150300.59.127.1.150300.18.74.1, kernel-syms-5.3.18-150300.59.127.1, kernel-source-5.3.18-150300.59.127.1, kernel-obs-build-5.3.18-150300.59.127.1
SUSE Linux Enterprise Real Time 15 SP3 (src): kernel-default-base-5.3.18-150300.59.127.1.150300.18.74.1, kernel-syms-5.3.18-150300.59.127.1, kernel-source-5.3.18-150300.59.127.1, kernel-obs-build-5.3.18-150300.59.127.1
SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): kernel-default-base-5.3.18-150300.59.127.1.150300.18.74.1, kernel-syms-5.3.18-150300.59.127.1, kernel-source-5.3.18-150300.59.127.1, kernel-obs-build-5.3.18-150300.59.127.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): kernel-default-base-5.3.18-150300.59.127.1.150300.18.74.1, kernel-syms-5.3.18-150300.59.127.1, kernel-source-5.3.18-150300.59.127.1, kernel-obs-build-5.3.18-150300.59.127.1
SUSE Manager Proxy 4.2 (src): kernel-default-base-5.3.18-150300.59.127.1.150300.18.74.1, kernel-source-5.3.18-150300.59.127.1
SUSE Manager Retail Branch Server 4.2 (src): kernel-default-base-5.3.18-150300.59.127.1.150300.18.74.1, kernel-source-5.3.18-150300.59.127.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 20 Joey Lee 2023-08-02 08:06:55 UTC 
(In reply to Joey Lee from comment #2)
> (In reply to Thomas Leroy from comment #1)
> > The buggy commit is quite old so all branches are affected:
> > - SLE15-SP4
> > - cve/linux-3.0
> > - cve/linux-4.12
> > - cve/linux-4.4
> > - cve/linux-5.3
> > - stable
> 
> update status:
> 
> - SLE15-SP4
> - cve/linux-3.0
> - cve/linux-4.12        [sent]
> - cve/linux-4.4
> - cve/linux-5.3         [sent]
> - stable

update status:

- SLE15-SP5             [sent]
- SLE15-SP4             [sent]
- cve/linux-3.0
- cve/linux-4.12        [DONE]
- cve/linux-4.4
- cve/linux-5.3         [DONE]
- stable                [v6.4, included 43ec16f1]
Comment 21 Joey Lee 2023-08-02 14:17:39 UTC 
(In reply to Joey Lee from comment #20)
> (In reply to Joey Lee from comment #2)
> > (In reply to Thomas Leroy from comment #1)
> > > The buggy commit is quite old so all branches are affected:
> > > - SLE15-SP4
> > > - cve/linux-3.0
> > > - cve/linux-4.12
> > > - cve/linux-4.4
> > > - cve/linux-5.3
> > > - stable
> > 
> > update status:
> > 
> > - SLE15-SP4
> > - cve/linux-3.0
> > - cve/linux-4.12        [sent]
> > - cve/linux-4.4
> > - cve/linux-5.3         [sent]
> > - stable
> 
> update status:
> 
> - SLE15-SP5             [sent]
> - SLE15-SP4             [sent]
> - cve/linux-3.0
> - cve/linux-4.12        [DONE]
> - cve/linux-4.4
> - cve/linux-5.3         [DONE]
> - stable                [v6.4, included 43ec16f1]

update status:

- SLE15-SP5             [sent]
- SLE15-SP4             [sent]
- cve/linux-3.0         [sent]
- cve/linux-4.12        [DONE]
- cve/linux-4.4         [sent]
- cve/linux-5.3         [DONE]
- stable                [v6.4, included 43ec16f1]

The linux-3.0 kernel is verify. So I have modified the backported 43ec16f1 patch for v3.0 kernel code.
Comment 22 Joey Lee 2023-08-02 14:27:09 UTC 
(In reply to Joey Lee from comment #21)
> (In reply to Joey Lee from comment #20)
[...snip]
> update status:
> 
> - SLE15-SP5             [sent]
> - SLE15-SP4             [sent]
> - cve/linux-3.0         [sent]
> - cve/linux-4.12        [DONE]
> - cve/linux-4.4         [sent]
> - cve/linux-5.3         [DONE]
> - stable                [v6.4, included 43ec16f1]
> 
> The linux-3.0 kernel is verify. So I have modified the backported 43ec16f1
                          ^^^^^^
                               too old
> patch for v3.0 kernel code.

Sorry for my typo!
Comment 46 Joey Lee 2023-08-14 05:24:54 UTC 
update status:

- SLE15-SP5             [DONE]
- SLE15-SP4             [DONE]
- cve/linux-3.0         [DONE]
- cve/linux-4.12        [DONE]
- cve/linux-4.4         [DONE]
- cve/linux-5.3         [DONE]
- stable                [v6.4, included 43ec16f1]

reset assignee
Comment 47 Maintenance Automation 2023-08-14 08:30:13 UTC 
SUSE-SU-2023:3302-1: An update that solves 28 vulnerabilities, contains two features and has 115 fixes can now be installed.

Category: security (important)
Bug References: 1150305, 1187829, 1193629, 1194869, 1206418, 1207129, 1207894, 1207948, 1208788, 1210335, 1210565, 1210584, 1210627, 1210780, 1210825, 1210853, 1211014, 1211131, 1211243, 1211738, 1211811, 1211867, 1212051, 1212256, 1212265, 1212301, 1212445, 1212456, 1212502, 1212525, 1212603, 1212604, 1212685, 1212766, 1212835, 1212838, 1212842, 1212846, 1212848, 1212861, 1212869, 1212892, 1212901, 1212905, 1212961, 1213010, 1213011, 1213012, 1213013, 1213014, 1213015, 1213016, 1213017, 1213018, 1213019, 1213020, 1213021, 1213024, 1213025, 1213032, 1213034, 1213035, 1213036, 1213037, 1213038, 1213039, 1213040, 1213041, 1213059, 1213061, 1213087, 1213088, 1213089, 1213090, 1213092, 1213093, 1213094, 1213095, 1213096, 1213098, 1213099, 1213100, 1213102, 1213103, 1213104, 1213105, 1213106, 1213107, 1213108, 1213109, 1213110, 1213111, 1213112, 1213113, 1213114, 1213116, 1213134, 1213167, 1213205, 1213206, 1213226, 1213233, 1213245, 1213247, 1213252, 1213258, 1213259, 1213263, 1213264, 1213272, 1213286, 1213287, 1213304, 1213417, 1213493, 1213523, 1213524, 1213533, 1213543, 1213578, 1213585, 1213586, 1213588, 1213601, 1213620, 1213632, 1213653, 1213705, 1213713, 1213715, 1213747, 1213756, 1213759, 1213777, 1213810, 1213812, 1213856, 1213857, 1213863, 1213867, 1213870, 1213871, 1213872
CVE References: CVE-2022-40982, CVE-2023-0459, CVE-2023-1829, CVE-2023-20569, CVE-2023-20593, CVE-2023-21400, CVE-2023-2156, CVE-2023-2166, CVE-2023-2430, CVE-2023-2985, CVE-2023-3090, CVE-2023-31083, CVE-2023-3111, CVE-2023-3117, CVE-2023-31248, CVE-2023-3212, CVE-2023-3268, CVE-2023-3389, CVE-2023-3390, CVE-2023-35001, CVE-2023-3567, CVE-2023-3609, CVE-2023-3611, CVE-2023-3776, CVE-2023-3812, CVE-2023-38409, CVE-2023-3863, CVE-2023-4004
Jira References: PED-4718, PED-4758
Sources used:
openSUSE Leap 15.5 (src): kernel-livepatch-SLE15-SP5-RT_Update_3-1-150500.11.5.1, kernel-syms-rt-5.14.21-150500.13.11.1, kernel-source-rt-5.14.21-150500.13.11.1
SUSE Linux Enterprise Live Patching 15-SP5 (src): kernel-livepatch-SLE15-SP5-RT_Update_3-1-150500.11.5.1
SUSE Real Time Module 15-SP5 (src): kernel-syms-rt-5.14.21-150500.13.11.1, kernel-source-rt-5.14.21-150500.13.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 48 Maintenance Automation 2023-08-14 16:30:14 UTC 
SUSE-SU-2023:3313-1: An update that solves 13 vulnerabilities and has 20 fixes can now be installed.

Category: security (important)
Bug References: 1206418, 1207129, 1210627, 1210780, 1211131, 1211738, 1212502, 1212604, 1212901, 1213167, 1213272, 1213287, 1213304, 1213585, 1213586, 1213588, 1213620, 1213653, 1213713, 1213715, 1213747, 1213756, 1213759, 1213777, 1213810, 1213812, 1213842, 1213856, 1213857, 1213863, 1213867, 1213870, 1213871
CVE References: CVE-2022-40982, CVE-2023-0459, CVE-2023-20569, CVE-2023-21400, CVE-2023-2156, CVE-2023-2166, CVE-2023-31083, CVE-2023-3268, CVE-2023-3567, CVE-2023-3609, CVE-2023-3611, CVE-2023-3776, CVE-2023-4004
Sources used:
SUSE Linux Enterprise Micro for Rancher 5.4 (src): kernel-default-base-5.14.21-150400.24.81.1.150400.24.35.3
SUSE Linux Enterprise Micro 5.4 (src): kernel-default-base-5.14.21-150400.24.81.1.150400.24.35.3
Basesystem Module 15-SP4 (src): kernel-default-base-5.14.21-150400.24.81.1.150400.24.35.3, kernel-source-5.14.21-150400.24.81.1
Development Tools Module 15-SP4 (src): kernel-source-5.14.21-150400.24.81.1, kernel-syms-5.14.21-150400.24.81.1, kernel-obs-build-5.14.21-150400.24.81.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4_Update_16-1-150400.9.3.3
openSUSE Leap 15.4 (src): kernel-obs-qa-5.14.21-150400.24.81.1, kernel-default-base-5.14.21-150400.24.81.1.150400.24.35.3, kernel-syms-5.14.21-150400.24.81.1, kernel-source-5.14.21-150400.24.81.1, kernel-obs-build-5.14.21-150400.24.81.1, kernel-livepatch-SLE15-SP4_Update_16-1-150400.9.3.3
openSUSE Leap Micro 5.3 (src): kernel-default-base-5.14.21-150400.24.81.1.150400.24.35.3
openSUSE Leap Micro 5.4 (src): kernel-default-base-5.14.21-150400.24.81.1.150400.24.35.3
SUSE Linux Enterprise Micro for Rancher 5.3 (src): kernel-default-base-5.14.21-150400.24.81.1.150400.24.35.3
SUSE Linux Enterprise Micro 5.3 (src): kernel-default-base-5.14.21-150400.24.81.1.150400.24.35.3

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 49 Maintenance Automation 2023-08-14 16:30:31 UTC 
SUSE-SU-2023:3311-1: An update that solves 15 vulnerabilities and has 27 fixes can now be installed.

Category: security (important)
Bug References: 1206418, 1207129, 1207948, 1210627, 1210780, 1210825, 1211131, 1211738, 1211811, 1212445, 1212502, 1212604, 1212766, 1212901, 1213167, 1213272, 1213287, 1213304, 1213417, 1213578, 1213585, 1213586, 1213588, 1213601, 1213620, 1213632, 1213653, 1213713, 1213715, 1213747, 1213756, 1213759, 1213777, 1213810, 1213812, 1213856, 1213857, 1213863, 1213867, 1213870, 1213871, 1213872
CVE References: CVE-2022-40982, CVE-2023-0459, CVE-2023-20569, CVE-2023-21400, CVE-2023-2156, CVE-2023-2166, CVE-2023-31083, CVE-2023-3268, CVE-2023-3567, CVE-2023-3609, CVE-2023-3611, CVE-2023-3776, CVE-2023-38409, CVE-2023-3863, CVE-2023-4004
Sources used:
openSUSE Leap 15.5 (src): kernel-syms-5.14.21-150500.55.19.1, kernel-default-base-5.14.21-150500.55.19.1.150500.6.6.4, kernel-livepatch-SLE15-SP5_Update_3-1-150500.11.3.4, kernel-source-5.14.21-150500.55.19.1, kernel-obs-qa-5.14.21-150500.55.19.1, kernel-obs-build-5.14.21-150500.55.19.1
Basesystem Module 15-SP5 (src): kernel-default-base-5.14.21-150500.55.19.1.150500.6.6.4, kernel-source-5.14.21-150500.55.19.1
Development Tools Module 15-SP5 (src): kernel-obs-build-5.14.21-150500.55.19.1, kernel-syms-5.14.21-150500.55.19.1, kernel-source-5.14.21-150500.55.19.1
SUSE Linux Enterprise Live Patching 15-SP5 (src): kernel-livepatch-SLE15-SP5_Update_3-1-150500.11.3.4

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 50 Maintenance Automation 2023-08-15 12:30:09 UTC 
SUSE-SU-2023:3318-1: An update that solves 20 vulnerabilities and has 89 fixes can now be installed.

Category: security (important)
Bug References: 1150305, 1193629, 1194869, 1206418, 1207129, 1207894, 1208788, 1210565, 1210584, 1210627, 1210780, 1210853, 1211131, 1211243, 1211738, 1211811, 1211867, 1212301, 1212502, 1212604, 1212846, 1212901, 1212905, 1213010, 1213011, 1213012, 1213013, 1213014, 1213015, 1213016, 1213017, 1213018, 1213019, 1213020, 1213021, 1213024, 1213025, 1213032, 1213034, 1213035, 1213036, 1213037, 1213038, 1213039, 1213040, 1213041, 1213059, 1213061, 1213087, 1213088, 1213089, 1213090, 1213092, 1213093, 1213094, 1213095, 1213096, 1213098, 1213099, 1213100, 1213102, 1213103, 1213104, 1213105, 1213106, 1213107, 1213108, 1213109, 1213110, 1213111, 1213112, 1213113, 1213114, 1213134, 1213167, 1213245, 1213247, 1213252, 1213258, 1213259, 1213263, 1213264, 1213272, 1213286, 1213287, 1213304, 1213523, 1213524, 1213543, 1213585, 1213586, 1213588, 1213620, 1213653, 1213705, 1213713, 1213715, 1213747, 1213756, 1213759, 1213777, 1213810, 1213812, 1213856, 1213857, 1213863, 1213867, 1213870, 1213871
CVE References: CVE-2022-40982, CVE-2023-0459, CVE-2023-20569, CVE-2023-20593, CVE-2023-21400, CVE-2023-2156, CVE-2023-2166, CVE-2023-2985, CVE-2023-31083, CVE-2023-3117, CVE-2023-31248, CVE-2023-3268, CVE-2023-3390, CVE-2023-35001, CVE-2023-3567, CVE-2023-3609, CVE-2023-3611, CVE-2023-3776, CVE-2023-3812, CVE-2023-4004
Sources used:
openSUSE Leap 15.4 (src): kernel-syms-rt-5.14.21-150400.15.46.1, kernel-source-rt-5.14.21-150400.15.46.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_11-1-150400.1.5.1
SUSE Real Time Module 15-SP4 (src): kernel-syms-rt-5.14.21-150400.15.46.1, kernel-source-rt-5.14.21-150400.15.46.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 51 Maintenance Automation 2023-08-16 08:31:33 UTC 
SUSE-SU-2023:3324-1: An update that solves 14 vulnerabilities and has two fixes can now be installed.

Category: security (important)
Bug References: 1087082, 1126703, 1206418, 1207561, 1209779, 1210584, 1211738, 1211867, 1212502, 1213059, 1213167, 1213251, 1213286, 1213287, 1213585, 1213588
CVE References: CVE-2018-20784, CVE-2018-3639, CVE-2022-40982, CVE-2023-0459, CVE-2023-1637, CVE-2023-20569, CVE-2023-20593, CVE-2023-2985, CVE-2023-3106, CVE-2023-3268, CVE-2023-35001, CVE-2023-3567, CVE-2023-3611, CVE-2023-3776
Sources used:
SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2 (src): kernel-syms-4.4.121-92.208.1, kernel-source-4.4.121-92.208.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 52 Maintenance Automation 2023-08-16 12:30:02 UTC 
SUSE-SU-2023:3333-1: An update that solves 13 vulnerabilities can now be installed.

Category: security (important)
Bug References: 1087082, 1102851, 1205803, 1206418, 1211738, 1212128, 1212129, 1212154, 1212501, 1212502, 1213167, 1213286, 1213588
CVE References: CVE-2017-18344, CVE-2018-3639, CVE-2022-40982, CVE-2022-45919, CVE-2023-0459, CVE-2023-20593, CVE-2023-3141, CVE-2023-3159, CVE-2023-3161, CVE-2023-3268, CVE-2023-3567, CVE-2023-35824, CVE-2023-3776
Sources used:
SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE 11-SP4 (src): kernel-syms-3.0.101-108.144.1, kernel-source-3.0.101-108.144.1
SUSE Linux Enterprise Server 11 SP4 (src): kernel-syms-3.0.101-108.144.1, kernel-source-3.0.101-108.144.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 53 Maintenance Automation 2023-08-22 16:30:06 UTC 
SUSE-SU-2023:3376-1: An update that solves 15 vulnerabilities and has 27 fixes can now be installed.

Category: security (important)
Bug References: 1206418, 1207129, 1207948, 1210627, 1210780, 1210825, 1211131, 1211738, 1211811, 1212445, 1212502, 1212604, 1212766, 1212901, 1213167, 1213272, 1213287, 1213304, 1213417, 1213578, 1213585, 1213586, 1213588, 1213601, 1213620, 1213632, 1213653, 1213713, 1213715, 1213747, 1213756, 1213759, 1213777, 1213810, 1213812, 1213856, 1213857, 1213863, 1213867, 1213870, 1213871, 1213872
CVE References: CVE-2022-40982, CVE-2023-0459, CVE-2023-20569, CVE-2023-21400, CVE-2023-2156, CVE-2023-2166, CVE-2023-31083, CVE-2023-3268, CVE-2023-3567, CVE-2023-3609, CVE-2023-3611, CVE-2023-3776, CVE-2023-38409, CVE-2023-3863, CVE-2023-4004
Sources used:
openSUSE Leap 15.5 (src): kernel-syms-azure-5.14.21-150500.33.14.1, kernel-source-azure-5.14.21-150500.33.14.1
Public Cloud Module 15-SP5 (src): kernel-syms-azure-5.14.21-150500.33.14.1, kernel-source-azure-5.14.21-150500.33.14.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 54 Maintenance Automation 2023-08-22 20:30:13 UTC 
SUSE-SU-2023:3377-1: An update that solves 11 vulnerabilities and has 19 fixes can now be installed.

Category: security (important)
Bug References: 1206418, 1207129, 1210627, 1210780, 1211131, 1211738, 1212502, 1212604, 1212901, 1213167, 1213272, 1213287, 1213304, 1213588, 1213620, 1213653, 1213713, 1213715, 1213747, 1213756, 1213759, 1213777, 1213810, 1213812, 1213856, 1213857, 1213863, 1213867, 1213870, 1213871
CVE References: CVE-2022-40982, CVE-2023-0459, CVE-2023-20569, CVE-2023-21400, CVE-2023-2156, CVE-2023-2166, CVE-2023-31083, CVE-2023-3268, CVE-2023-3567, CVE-2023-3776, CVE-2023-4004
Sources used:
openSUSE Leap 15.4 (src): kernel-source-azure-5.14.21-150400.14.63.1, kernel-syms-azure-5.14.21-150400.14.63.1
Public Cloud Module 15-SP4 (src): kernel-source-azure-5.14.21-150400.14.63.1, kernel-syms-azure-5.14.21-150400.14.63.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 59 Andrea Mattiazzo 2024-07-10 13:52:20 UTC 
All done, closing.