Bugzilla – Bug 1203332
VUL-0: CVE-2022-36280: kernel: out-of-bounds memory access vulnerability found in vmwgfx driver
Last modified: 2023-03-31 12:30:11 UTC
CVE-2022-36280 An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS). References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36280 https://www.cve.org/CVERecord?id=CVE-2022-36280 https://bugzilla.openanolis.cn/show_bug.cgi?id=2071
Thomas, this seems to be in your area. Please, handle the bug or eventually assign it to a more appropriate person.
A gentle reminder from Kernel Security Sentinel: is there any progress in the upstream about this bug?
I guess that the situation here is the same as in the bug #1203517, e.i. the fix is not available in upstream yet. Am I right, please?
(In reply to Petr Mladek from comment #5) > I guess that the situation here is the same as in the bug #1203517, e.i. the > fix is not available in upstream yet. Am I right, please? No changes here.
> 4cf949c7fafe ("drm/vmwgfx: Validate the box size for the snooped cursor") > (v6.2-rc1). cve/linux-4.12: added cve/linux-4.4: added
SUSE-SU-2023:0488-1: An update that solves 11 vulnerabilities, contains two features and has 133 fixes can now be installed. Category: security (important) Bug References: 1166486, 1185861, 1185863, 1186449, 1191256, 1192868, 1193629, 1194869, 1195175, 1195655, 1196058, 1199701, 1203332, 1204063, 1204356, 1204662, 1205495, 1206006, 1206036, 1206056, 1206057, 1206224, 1206258, 1206363, 1206459, 1206616, 1206640, 1206677, 1206784, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206893, 1206894, 1207010, 1207034, 1207036, 1207050, 1207125, 1207134, 1207149, 1207158, 1207184, 1207186, 1207188, 1207189, 1207190, 1207237, 1207263, 1207269, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207842, 1207875, 1207878, 1207933, 1208030, 1208044, 1208085, 1208149, 1208153, 1208183, 1208428, 1208429 CVE References: CVE-2020-24588, CVE-2022-36280, CVE-2022-4382, CVE-2022-47929, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0266, CVE-2023-0590, CVE-2023-23454, CVE-2023-23455 Jira References: PED-3210, SLE-21132 Sources used: openSUSE Leap 15.4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1 SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_3-1-150400.1.3.1 SUSE Real Time Module 15-SP4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:0485-1: An update that solves six vulnerabilities, contains two features and has 53 fixes can now be installed. Category: security (important) Bug References: 1175995, 1186449, 1198971, 1202712, 1202713, 1203332, 1203693, 1204356, 1204514, 1204662, 1205149, 1205397, 1205495, 1206602, 1206635, 1206640, 1206641, 1206642, 1206643, 1206645, 1206646, 1206648, 1206649, 1206677, 1206698, 1206784, 1206855, 1206858, 1206873, 1206876, 1206877, 1206878, 1206880, 1206882, 1206883, 1206884, 1206885, 1206887, 1206888, 1206890, 1207036, 1207092, 1207093, 1207094, 1207097, 1207102, 1207103, 1207104, 1207107, 1207108, 1207134, 1207168, 1207186, 1207195, 1207237, 1207773, 1207795, 1207875, 1208108 CVE References: CVE-2022-36280, CVE-2022-47929, CVE-2023-0045, CVE-2023-0266, CVE-2023-0590, CVE-2023-23454 Jira References: PED-1706, SLE-15608 Sources used: SUSE Linux Enterprise Real Time 12 SP5 (src): kernel-source-rt-4.12.14-10.115.1, kernel-syms-rt-4.12.14-10.115.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:0634-1: An update that solves nine vulnerabilities, contains two features and has 56 fixes can now be installed. Category: security (important) Bug References: 1068032, 1175995, 1186449, 1194535, 1198971, 1201420, 1202195, 1202712, 1202713, 1203200, 1203332, 1203693, 1204356, 1204514, 1204662, 1205149, 1205397, 1205495, 1206602, 1206635, 1206640, 1206641, 1206642, 1206643, 1206645, 1206646, 1206648, 1206649, 1206664, 1206677, 1206698, 1206784, 1206855, 1206858, 1206873, 1206876, 1206877, 1206878, 1206880, 1206882, 1206883, 1206884, 1206885, 1206887, 1206888, 1206890, 1207092, 1207093, 1207094, 1207097, 1207102, 1207103, 1207104, 1207107, 1207108, 1207134, 1207186, 1207201, 1207237, 1207773, 1207795, 1207875, 1208108, 1208541, 1208570 CVE References: CVE-2017-5754, CVE-2021-4203, CVE-2022-2991, CVE-2022-36280, CVE-2022-4662, CVE-2022-47929, CVE-2023-0045, CVE-2023-0266, CVE-2023-0590 Jira References: PED-1706, SLE-15608 Sources used: SUSE Linux Enterprise Live Patching 12-SP5 (src): kgraft-patch-SLE12-SP5_Update_40-1-8.3.1 SUSE Linux Enterprise Software Development Kit 12 SP5 (src): kernel-obs-build-4.12.14-122.150.1 SUSE Linux Enterprise High Performance Computing 12 SP5 (src): kernel-source-4.12.14-122.150.1, kernel-syms-4.12.14-122.150.1 SUSE Linux Enterprise Server 12 SP5 (src): kernel-source-4.12.14-122.150.1, kernel-syms-4.12.14-122.150.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): kernel-source-4.12.14-122.150.1, kernel-syms-4.12.14-122.150.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:0768-1: An update that solves 11 vulnerabilities and has five fixes can now be installed. Category: security (important) Bug References: 1186449, 1194535, 1201420, 1203331, 1203332, 1204356, 1204662, 1205711, 1207051, 1207773, 1207795, 1207845, 1207875, 1208700, 1208837, 1209188 CVE References: CVE-2021-4203, CVE-2022-2991, CVE-2022-36280, CVE-2022-38096, CVE-2022-4129, CVE-2023-0045, CVE-2023-0590, CVE-2023-0597, CVE-2023-1118, CVE-2023-23559, CVE-2023-26545 Sources used: SUSE Linux Enterprise Live Patching 15-SP1 (src): kernel-livepatch-SLE15-SP1_Update_38-1-150100.3.3.2 SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (src): kernel-syms-4.12.14-150100.197.137.2, kernel-obs-build-4.12.14-150100.197.137.2, kernel-source-4.12.14-150100.197.137.2 SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (src): kernel-syms-4.12.14-150100.197.137.2, kernel-obs-build-4.12.14-150100.197.137.2, kernel-source-4.12.14-150100.197.137.2 SUSE Linux Enterprise Server for SAP Applications 15 SP1 (src): kernel-syms-4.12.14-150100.197.137.2, kernel-obs-build-4.12.14-150100.197.137.2, kernel-source-4.12.14-150100.197.137.2 SUSE CaaS Platform 4.0 (src): kernel-syms-4.12.14-150100.197.137.2, kernel-obs-build-4.12.14-150100.197.137.2, kernel-source-4.12.14-150100.197.137.2 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:0778-1: An update that solves 11 vulnerabilities and has 10 fixes can now be installed. Category: security (important) Bug References: 1186449, 1203331, 1203332, 1204356, 1204662, 1207051, 1207773, 1207795, 1207845, 1207875, 1207878, 1208023, 1208153, 1208212, 1208700, 1208741, 1208813, 1208816, 1208837, 1208845, 1208971 CVE References: CVE-2022-36280, CVE-2022-38096, CVE-2023-0045, CVE-2023-0590, CVE-2023-0597, CVE-2023-1118, CVE-2023-22995, CVE-2023-23000, CVE-2023-23006, CVE-2023-23559, CVE-2023-26545 Sources used: SUSE Linux Enterprise Live Patching 15-SP2 (src): kernel-livepatch-SLE15-SP2_Update_34-1-150200.5.3.1 SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): kernel-default-base-5.3.18-150200.24.145.1.150200.9.69.1, kernel-obs-build-5.3.18-150200.24.145.1, kernel-source-5.3.18-150200.24.145.1, kernel-syms-5.3.18-150200.24.145.1 SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): kernel-default-base-5.3.18-150200.24.145.1.150200.9.69.1, kernel-obs-build-5.3.18-150200.24.145.1, kernel-source-5.3.18-150200.24.145.1, kernel-syms-5.3.18-150200.24.145.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): kernel-default-base-5.3.18-150200.24.145.1.150200.9.69.1, kernel-obs-build-5.3.18-150200.24.145.1, kernel-source-5.3.18-150200.24.145.1, kernel-syms-5.3.18-150200.24.145.1 SUSE Enterprise Storage 7 (src): kernel-default-base-5.3.18-150200.24.145.1.150200.9.69.1, kernel-obs-build-5.3.18-150200.24.145.1, kernel-source-5.3.18-150200.24.145.1, kernel-syms-5.3.18-150200.24.145.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:0780-1: An update that solves 12 vulnerabilities and has 13 fixes can now be installed. Category: security (important) Bug References: 1186449, 1195175, 1198438, 1203331, 1203332, 1204356, 1204662, 1206103, 1206351, 1207051, 1207575, 1207773, 1207795, 1207845, 1207875, 1208023, 1208153, 1208212, 1208700, 1208741, 1208776, 1208816, 1208837, 1208845, 1208971 CVE References: CVE-2022-36280, CVE-2022-38096, CVE-2023-0045, CVE-2023-0590, CVE-2023-0597, CVE-2023-1118, CVE-2023-22995, CVE-2023-22998, CVE-2023-23000, CVE-2023-23006, CVE-2023-23559, CVE-2023-26545 Sources used: SUSE Linux Enterprise Live Patching 15-SP3 (src): kernel-livepatch-SLE15-SP3_Update_30-1-150300.7.3.1 SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (src): kernel-obs-build-5.3.18-150300.59.115.2, kernel-source-5.3.18-150300.59.115.2, kernel-default-base-5.3.18-150300.59.115.2.150300.18.66.1, kernel-syms-5.3.18-150300.59.115.1 SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): kernel-obs-build-5.3.18-150300.59.115.2, kernel-source-5.3.18-150300.59.115.2, kernel-default-base-5.3.18-150300.59.115.2.150300.18.66.1, kernel-syms-5.3.18-150300.59.115.1 SUSE Linux Enterprise Real Time 15 SP3 (src): kernel-obs-build-5.3.18-150300.59.115.2, kernel-source-5.3.18-150300.59.115.2, kernel-default-base-5.3.18-150300.59.115.2.150300.18.66.1, kernel-syms-5.3.18-150300.59.115.1 SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): kernel-obs-build-5.3.18-150300.59.115.2, kernel-source-5.3.18-150300.59.115.2, kernel-default-base-5.3.18-150300.59.115.2.150300.18.66.1, kernel-syms-5.3.18-150300.59.115.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): kernel-obs-build-5.3.18-150300.59.115.2, kernel-source-5.3.18-150300.59.115.2, kernel-default-base-5.3.18-150300.59.115.2.150300.18.66.1, kernel-syms-5.3.18-150300.59.115.1 SUSE Manager Proxy 4.2 (src): kernel-source-5.3.18-150300.59.115.2, kernel-default-base-5.3.18-150300.59.115.2.150300.18.66.1 SUSE Manager Retail Branch Server 4.2 (src): kernel-source-5.3.18-150300.59.115.2, kernel-default-base-5.3.18-150300.59.115.2.150300.18.66.1 SUSE Manager Server 4.2 (src): kernel-source-5.3.18-150300.59.115.2, kernel-default-base-5.3.18-150300.59.115.2.150300.18.66.1 SUSE Enterprise Storage 7.1 (src): kernel-obs-build-5.3.18-150300.59.115.2, kernel-source-5.3.18-150300.59.115.2, kernel-default-base-5.3.18-150300.59.115.2.150300.18.66.1, kernel-syms-5.3.18-150300.59.115.1 SUSE Linux Enterprise Micro 5.1 (src): kernel-default-base-5.3.18-150300.59.115.2.150300.18.66.1 SUSE Linux Enterprise Micro 5.2 (src): kernel-default-base-5.3.18-150300.59.115.2.150300.18.66.1 SUSE Linux Enterprise Micro for Rancher 5.2 (src): kernel-default-base-5.3.18-150300.59.115.2.150300.18.66.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:0779-1: An update that solves 21 vulnerabilities and has 12 fixes can now be installed. Category: security (important) Bug References: 1186449, 1203331, 1203332, 1203693, 1204502, 1204760, 1205149, 1206351, 1206677, 1206784, 1207034, 1207051, 1207134, 1207186, 1207237, 1207497, 1207508, 1207560, 1207773, 1207795, 1207845, 1207875, 1207878, 1208212, 1208599, 1208700, 1208741, 1208776, 1208816, 1208837, 1208845, 1208971, 1209008 CVE References: CVE-2022-3606, CVE-2022-36280, CVE-2022-38096, CVE-2022-47929, CVE-2023-0045, CVE-2023-0179, CVE-2023-0266, CVE-2023-0590, CVE-2023-0597, CVE-2023-1076, CVE-2023-1095, CVE-2023-1118, CVE-2023-1195, CVE-2023-22995, CVE-2023-22998, CVE-2023-23000, CVE-2023-23004, CVE-2023-23006, CVE-2023-23559, CVE-2023-25012, CVE-2023-26545 Sources used: SUSE Real Time Module 15-SP3 (src): kernel-syms-rt-5.3.18-150300.121.1, kernel-source-rt-5.3.18-150300.121.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:0796-1: An update that solves eight vulnerabilities and has 85 fixes can now be installed. Category: security (important) Bug References: 1166486, 1177529, 1203331, 1203332, 1204993, 1205544, 1206224, 1206232, 1206459, 1206640, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206889, 1206894, 1207051, 1207270, 1207328, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207613, 1207615, 1207617, 1207618, 1207619, 1207620, 1207621, 1207623, 1207624, 1207625, 1207626, 1207628, 1207630, 1207631, 1207632, 1207634, 1207635, 1207636, 1207638, 1207639, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207651, 1207653, 1207770, 1207773, 1207845, 1207875, 1208149, 1208153, 1208183, 1208212, 1208290, 1208420, 1208428, 1208429, 1208449, 1208534, 1208541, 1208570, 1208607, 1208628, 1208700, 1208741, 1208759, 1208784, 1208787, 1209188 CVE References: CVE-2022-36280, CVE-2022-38096, CVE-2023-0045, CVE-2023-0461, CVE-2023-0597, CVE-2023-22995, CVE-2023-23559, CVE-2023-26545 Sources used: openSUSE Leap Micro 5.3 (src): kernel-default-base-5.14.21-150400.24.49.3.150400.24.19.3 openSUSE Leap 15.4 (src): kernel-obs-qa-5.14.21-150400.24.49.2, kernel-default-base-5.14.21-150400.24.49.3.150400.24.19.3, kernel-syms-5.14.21-150400.24.49.4, kernel-source-5.14.21-150400.24.49.4, kernel-obs-build-5.14.21-150400.24.49.3 SUSE Linux Enterprise Micro for Rancher 5.3 (src): kernel-default-base-5.14.21-150400.24.49.3.150400.24.19.3 SUSE Linux Enterprise Micro 5.3 (src): kernel-default-base-5.14.21-150400.24.49.3.150400.24.19.3 Basesystem Module 15-SP4 (src): kernel-source-5.14.21-150400.24.49.4, kernel-default-base-5.14.21-150400.24.49.3.150400.24.19.3 Development Tools Module 15-SP4 (src): kernel-syms-5.14.21-150400.24.49.4, kernel-source-5.14.21-150400.24.49.4, kernel-obs-build-5.14.21-150400.24.49.3 SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4_Update_9-1-150400.9.3.3 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:0852-1: An update that solves nine vulnerabilities and has two fixes can now be installed. Category: security (important) Bug References: 1191881, 1194535, 1201420, 1203331, 1203332, 1205711, 1207051, 1207773, 1207795, 1208700, 1209188 CVE References: CVE-2021-4203, CVE-2022-2991, CVE-2022-36280, CVE-2022-38096, CVE-2022-4129, CVE-2023-0045, CVE-2023-0590, CVE-2023-23559, CVE-2023-26545 Sources used: SUSE OpenStack Cloud 9 (src): kernel-source-4.12.14-95.120.4, kernel-syms-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9 (src): kernel-source-4.12.14-95.120.4, kernel-syms-4.12.14-95.120.4 SUSE Linux Enterprise Live Patching 12-SP4 (src): kgraft-patch-SLE12-SP4_Update_34-1-6.3.4 SUSE Linux Enterprise Server for SAP Applications 12 SP4 (src): kernel-source-4.12.14-95.120.4, kernel-syms-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4 ESPOS 12-SP4 (src): kernel-source-4.12.14-95.120.4, kernel-syms-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4 LTSS 12-SP4 (src): kernel-source-4.12.14-95.120.4, kernel-syms-4.12.14-95.120.4 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:1608-1: An update that solves 24 vulnerabilities and has 112 fixes can now be installed. Category: security (important) Bug References: 1166486, 1177529, 1193629, 1197534, 1197617, 1198438, 1200054, 1202353, 1202633, 1203200, 1203331, 1203332, 1204363, 1204993, 1205544, 1205846, 1206103, 1206224, 1206232, 1206459, 1206492, 1206493, 1206640, 1206824, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206886, 1206894, 1206935, 1207036, 1207050, 1207051, 1207125, 1207270, 1207328, 1207529, 1207560, 1207588, 1207590, 1207591, 1207592, 1207593, 1207594, 1207603, 1207605, 1207606, 1207608, 1207609, 1207613, 1207615, 1207617, 1207618, 1207619, 1207620, 1207621, 1207623, 1207624, 1207625, 1207626, 1207630, 1207631, 1207632, 1207634, 1207635, 1207636, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207768, 1207770, 1207771, 1207773, 1207795, 1207845, 1207875, 1208149, 1208153, 1208179, 1208183, 1208212, 1208290, 1208420, 1208428, 1208429, 1208449, 1208534, 1208541, 1208542, 1208570, 1208598, 1208599, 1208601, 1208605, 1208607, 1208628, 1208700, 1208741, 1208759, 1208776, 1208777, 1208784, 1208787, 1208816, 1208829, 1208837, 1208843, 1208848, 1209008, 1209159, 1209188, 1209256, 1209258, 1209262, 1209291, 1209436, 1209457, 1209504, 1209572 CVE References: CVE-2022-3523, CVE-2022-36280, CVE-2022-38096, CVE-2023-0045, CVE-2023-0122, CVE-2023-0461, CVE-2023-0590, CVE-2023-0597, CVE-2023-1075, CVE-2023-1076, CVE-2023-1078, CVE-2023-1095, CVE-2023-1118, CVE-2023-22995, CVE-2023-22998, CVE-2023-23000, CVE-2023-23001, CVE-2023-23004, CVE-2023-23454, CVE-2023-23455, CVE-2023-23559, CVE-2023-25012, CVE-2023-26545, CVE-2023-28328 Sources used: openSUSE Leap 15.4 (src): kernel-syms-azure-5.14.21-150400.14.40.1, kernel-source-azure-5.14.21-150400.14.40.1 Public Cloud Module 15-SP4 (src): kernel-syms-azure-5.14.21-150400.14.40.1, kernel-source-azure-5.14.21-150400.14.40.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:1710-1: An update that solves 19 vulnerabilities and has 111 fixes can now be installed. Category: security (important) Bug References: 1166486, 1177529, 1193629, 1197534, 1197617, 1198438, 1202353, 1202633, 1203200, 1203331, 1203332, 1204363, 1204993, 1205544, 1205846, 1206103, 1206224, 1206232, 1206459, 1206492, 1206493, 1206640, 1206824, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206889, 1206894, 1206935, 1207051, 1207270, 1207328, 1207529, 1207560, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207613, 1207615, 1207617, 1207618, 1207619, 1207620, 1207621, 1207623, 1207624, 1207625, 1207626, 1207628, 1207630, 1207631, 1207632, 1207634, 1207635, 1207636, 1207638, 1207639, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207651, 1207653, 1207770, 1207773, 1207845, 1207875, 1208149, 1208153, 1208179, 1208183, 1208212, 1208290, 1208420, 1208428, 1208429, 1208449, 1208534, 1208541, 1208570, 1208598, 1208599, 1208601, 1208603, 1208605, 1208607, 1208628, 1208700, 1208741, 1208759, 1208776, 1208777, 1208784, 1208787, 1208816, 1208837, 1208843, 1208848, 1209008, 1209159, 1209188, 1209256, 1209258, 1209262, 1209291, 1209436, 1209457, 1209504 CVE References: CVE-2022-3523, CVE-2022-36280, CVE-2022-38096, CVE-2023-0045, CVE-2023-0461, CVE-2023-0597, CVE-2023-1075, CVE-2023-1076, CVE-2023-1078, CVE-2023-1095, CVE-2023-1118, CVE-2023-22995, CVE-2023-22998, CVE-2023-23000, CVE-2023-23004, CVE-2023-23559, CVE-2023-25012, CVE-2023-26545, CVE-2023-28328 Sources used: openSUSE Leap Micro 5.3 (src): kernel-default-base-5.14.21-150400.24.55.3.150400.24.22.7 openSUSE Leap 15.4 (src): kernel-obs-qa-5.14.21-150400.24.55.1, kernel-syms-5.14.21-150400.24.55.1, kernel-source-5.14.21-150400.24.55.2, kernel-default-base-5.14.21-150400.24.55.3.150400.24.22.7, kernel-obs-build-5.14.21-150400.24.55.3 SUSE Linux Enterprise Micro for Rancher 5.3 (src): kernel-default-base-5.14.21-150400.24.55.3.150400.24.22.7 SUSE Linux Enterprise Micro 5.3 (src): kernel-default-base-5.14.21-150400.24.55.3.150400.24.22.7 SUSE Linux Enterprise Micro for Rancher 5.4 (src): kernel-default-base-5.14.21-150400.24.55.3.150400.24.22.7 SUSE Linux Enterprise Micro 5.4 (src): kernel-default-base-5.14.21-150400.24.55.3.150400.24.22.7 Basesystem Module 15-SP4 (src): kernel-source-5.14.21-150400.24.55.2, kernel-default-base-5.14.21-150400.24.55.3.150400.24.22.7 Development Tools Module 15-SP4 (src): kernel-source-5.14.21-150400.24.55.2, kernel-syms-5.14.21-150400.24.55.1, kernel-obs-build-5.14.21-150400.24.55.3 SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4_Update_10-1-150400.9.3.7 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.