Bug 1210498 (CVE-2023-2124) - VUL-0: CVE-2023-2124: kernel-source: OOB access in the XFS subsystem
Status: RESOLVED FIXED
: CVE-2023-34255 (view as bug list)
Alias: CVE-2023-2124
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/363666/
Whiteboard: CVSSv3.1:SUSE:CVE-2023-2124:6.7:(AV:L...
Reported: 2023-04-17 07:57 UTC by Carlos López
Modified: 2024-06-25 17:36 UTC
Description Carlos López 2023-04-17 07:57:43 UTC
From linux-distros:

Hi there,

We recently found a slab OOB access bug in the Linux kernel's XFS
subsystem. It can cause denial-of-service and potentially privilege
escalation.

The root cause of the bug is a missing metadata validation when
mounting a user-supplied XFS disk image. More specifically, in a
corner case where there is a dirty log with a buffer log item for an
AGF and the on-disk buffer appears to be newer, XFS will discard the
old dirty log and directly use the newer on-disk buffer without
validating its content. This can lead to malformed metadata flow into
the kernel and cause catastrophic results. More details can be found
in the patch mentioned below.

We have already reported the bug to security@kernel.org. It seemed
that they were already aware of the vulnerability, and a patch was
being discussed at the time we reported the bug. The patch can be
found here: https://lore.kernel.org/linux-xfs/20230412214034.GL3223426@dread.disaster.area/T/#m1ebbcd1ad061d2d33bef6f0534a2b014744d152d
.

Notice that we are aware of two different crashes this bug can lead to
(the one we found because of invalid `agi_level`, and the one
discussed in the patch: invalid refcountbt), it is possible that this
bug can be exploitable to achieve LPE.
Due to its security implication, we'd appreciate it if someone from
the mailing list could assign it with a CVE number to inform other
vendors.

This patch is being discussed but not merged into the main tree yet.

A crash log is attached to the email.

Thank you for your time.

Best,
Kyle Zeng
Akshay Ajayan
Fish Wang

=========================================================

root@pwn:~# mount 2 test
[   11.652439] loop0: detected capacity change from 0 to 32768
[   11.702972] XFS (loop0): Mounting V5 Filesystem
58c42324-ea61-4f93-a670-9fa85a561ec4
[   11.704748] XFS (loop0): null uuid in log - IRIX style log
[   11.705545] XFS (loop0): Torn write (CRC failure) detected at log
block 0x9. Truncating head block from 0x10.
[   11.759259] XFS (loop0): Starting recovery (logdev: internal)
[   11.760440] XFS (loop0): Metadata corruption detected at
xfs_btree_lookup_get_block+0x259/0x2d0, xfs_inobt block 0x18
[   11.760950] XFS (loop0): Unmount and run xfs_repair
[   11.761195] general protection fault, probably for non-canonical
address 0x6043be0fbf88a15d: 0000 [#1] PREEMPT SMP NOPTI
[   11.761740] CPU: 2 PID: 510 Comm: mount Not tainted 6.3.0-rc6 #9
[   11.762018] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996),
BIOS 1.15.0-1 04/01/2014
[   11.762433] RIP: 0010:xfs_trans_brelse+0x1c/0x1b0
[   11.762668] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f
44 00 00 55 48 89 e5 41 55 41 54 49 89 f4 53 48 89 fb e8 e7 b3 4c ff
48 85 db <4d> 8b ac 24 e0 00 00 00 0f 84 5b 01 00 00 e8 d1 b3 4c ff 66
90 e8
[   11.763497] RSP: 0018:ffffa91541c07ab0 EFLAGS: 00010246
[   11.763746] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff939e5529
[   11.764071] RDX: ffff8d01062b3f80 RSI: 0000000000000000 RDI: 0000000000000000
[   11.764398] RBP: ffffa91541c07ac8 R08: ffff8d01062b3f80 R09: 0000000000000000
[   11.764725] R10: 000000006f6c2820 R11: 0000000020534658 R12: 6043be0fbf88a07d
[   11.765049] R13: 00000000ffffff8b R14: 6043be0fbf88a07d R15: ffff8d0101db2000
[   11.765375] FS:  00007f06d7a5ee40(0000) GS:ffff8d013ed00000(0000)
knlGS:0000000000000000
[   11.765742] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   11.766009] CR2: 000000000070bdb4 CR3: 0000000006396006 CR4: 0000000000770ee0
[   11.766336] PKRU: 55555554
[   11.766467] Call Trace:
[   11.766590]  <TASK>
[   11.766706]  xfs_btree_del_cursor+0x45/0x120
[   11.766918]  xfs_imap_lookup+0x190/0x2d0
[   11.767111]  ? kmem_cache_alloc+0x17e/0x330
[   11.767319]  xfs_imap+0x35a/0x4c0
[   11.767486]  xfs_iget+0x4c7/0x10f0
[   11.767662]  xfs_mountfs+0x776/0xe00
[   11.767837]  xfs_fs_fill_super+0x9ee/0xdc0
[   11.768037]  get_tree_bdev+0x22b/0x350
[   11.768217]  ? __pfx_xfs_fs_fill_super+0x10/0x10
[   11.768439]  xfs_fs_get_tree+0x22/0x30
[   11.768621]  vfs_get_tree+0x35/0x130
[   11.768797]  path_mount+0xc64/0x1110
[   11.768973]  __x64_sys_mount+0x19a/0x1f0
[   11.769164]  do_syscall_64+0x59/0x90
[   11.769348]  ? syscall_exit_to_user_mode+0x30/0x60
[   11.769576]  ? do_syscall_64+0x69/0x90
[   11.769757]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[   11.769998] RIP: 0033:0x7f06d6ce948a
[   11.770168] Code: 48 8b 0d 11 fa 2a 00 f7 d8 64 89 01 48 83 c8 ff
c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 a5 00 00
00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d de f9 2a 00 f7 d8 64 89
01 48
[   11.770999] RSP: 002b:00007fffdcf3fae8 EFLAGS: 00000206 ORIG_RAX:
00000000000000a5
[   11.771345] RAX: ffffffffffffffda RBX: 0000559716172060 RCX: 00007f06d6ce948a
[   11.771674] RDX: 0000559716174740 RSI: 0000559716173f40 RDI: 000055971617b2a0
[   11.772000] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020
[   11.772352] R10: 00000000c0ed0000 R11: 0000000000000206 R12: 000055971617b2a0
[   11.772696] R13: 0000559716174740 R14: 0000000000000000 R15: 00000000ffffffff
[   11.773022]  </TASK>
[   11.773130] Modules linked in:
[   11.773303] ---[ end trace 0000000000000000 ]---
[   11.773601] RIP: 0010:xfs_trans_brelse+0x1c/0x1b0
[   11.773825] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f
44 00 00 55 48 89 e5 41 55 41 54 49 89 f4 53 48 89 fb e8 e7 b3 4c ff
48 85 db <4d> 8b ac 24 e0 00 00 00 0f 84 5b 01 00 00 e8 d1 b3 4c ff 66
90 e8
[   11.774693] RSP: 0018:ffffa91541c07ab0 EFLAGS: 00010246
[   11.774977] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff939e5529
[   11.775313] RDX: ffff8d01062b3f80 RSI: 0000000000000000 RDI: 0000000000000000
[   11.775654] RBP: ffffa91541c07ac8 R08: ffff8d01062b3f80 R09: 0000000000000000
[   11.775979] R10: 000000006f6c2820 R11: 0000000020534658 R12: 6043be0fbf88a07d
[   11.776307] R13: 00000000ffffff8b R14: 6043be0fbf88a07d R15: ffff8d0101db2000
[   11.776636] FS:  00007f06d7a5ee40(0000) GS:ffff8d013ed00000(0000)
knlGS:0000000000000000
[   11.777003] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   11.777269] CR2: 000000000070bdb4 CR3: 0000000006396006 CR4: 0000000000770ee0
[   11.777595] PKRU: 55555554
Comment 1 Anthony Iliopoulos 2023-04-17 11:11:00 UTC
The fix is currently in the upstream xfs for-next tree [1], will backport as soon as it gets merged in mainline.

That said, I don't think this bug qualifies as a VUL-0 (or to be embargoed), since this not only requires a privileged operation (mount) and as such it cannot be exploited by regular users, but also assumes an intentionally malformed filesystem image (something that generally speaking upstream does not consider a security issue and considers low-priority, since there can be an ever-growing number of such issues, and as long as the filesystem driver is in privileged kernel space it will never be completely secure to mount a user-supplied filesystem).

[1] commit 22ed903eee23 ("xfs: verify buffer contents when we skip log replay")
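
Added example, not part of the original report and not the code of upstream commit 22ed903eee23: a simplified user-space C model of the condition described in the report, where recovery skips replay because the on-disk buffer looks newer than the log item, shown beside a variant that verifies the buffer before trusting it. All struct, field and function names, the magic value and the level bound are assumptions made for illustration; `level` stands in for the `agi_level` field the reporters mention.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define MODEL_MAGIC     0x58414749u /* assumed tag for a valid header */
#define MODEL_MAXLEVELS 9u          /* assumed upper bound on btree height */

/* Stand-in for an on-disk AG header buffer (layout is an assumption). */
struct ag_header {
    uint32_t magic;
    uint32_t level; /* btree height; later code sizes per-level state from it */
    uint64_t lsn;   /* log sequence number of the last write to this buffer */
};

/* Stand-in for a buffer log item found in the dirty log. */
struct buf_log_item {
    uint64_t lsn;
    struct ag_header image; /* contents that replay would write */
};

enum recover_result { RECOVER_REPLAYED, RECOVER_SKIPPED, RECOVER_CORRUPT };

/* Structural check a verifier would apply before the header is used. */
bool verify_ag_header(const struct ag_header *h)
{
    if (h->magic != MODEL_MAGIC)
        return false;
    return h->level >= 1 && h->level <= MODEL_MAXLEVELS;
}

/* Behaviour described in the report: a newer on-disk buffer is used as-is. */
enum recover_result recover_unchecked(struct ag_header *disk,
                                      const struct buf_log_item *item)
{
    if (disk->lsn >= item->lsn)
        return RECOVER_SKIPPED; /* contents were never validated */
    if (!verify_ag_header(&item->image))
        return RECOVER_CORRUPT;
    *disk = item->image;
    disk->lsn = item->lsn;
    return RECOVER_REPLAYED;
}

/* Idea named in the fix title: verify the buffer when replay is skipped. */
enum recover_result recover_checked(struct ag_header *disk,
                                    const struct buf_log_item *item)
{
    if (disk->lsn >= item->lsn && !verify_ag_header(disk))
        return RECOVER_CORRUPT; /* refuse the mount instead of using it */
    return recover_unchecked(disk, item);
}

/* Constructed sample inputs (not taken from the reporters' image). */
struct buf_log_item sample_log_item(void)
{
    struct buf_log_item item = {
        .lsn = 100,
        .image = { .magic = MODEL_MAGIC, .level = 1, .lsn = 100 },
    };
    return item;
}

struct ag_header sample_crafted_disk(void)
{
    /* Newer LSN than the log item, but a level far outside the bound. */
    struct ag_header h = { .magic = MODEL_MAGIC, .level = 0x6043u, .lsn = 200 };
    return h;
}

struct ag_header sample_stale_disk(void)
{
    /* Older than the log item, so replay applies. */
    struct ag_header h = { .magic = MODEL_MAGIC, .level = 2, .lsn = 50 };
    return h;
}

int main(void)
{
    struct buf_log_item item = sample_log_item();
    struct ag_header a = sample_crafted_disk();
    struct ag_header b = sample_crafted_disk();
    struct ag_header c = sample_stale_disk();

    printf("unchecked, crafted disk: %d (level left at %u)\n",
           (int)recover_unchecked(&a, &item), (unsigned)a.level);
    printf("checked, crafted disk:   %d\n", (int)recover_checked(&b, &item));
    printf("checked, stale disk:     %d (level now %u)\n",
           (int)recover_checked(&c, &item), (unsigned)c.level);
    return 0;
}
```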
Comment 2 Carlos López 2023-04-17 16:14:08 UTC
(In reply to Anthony Iliopoulos from comment #1)
> The fix is currently in the upstream xfs for-next tree [1], will backport as
> soon as it gets merged in mainline.
> 
> That said, I don't think this bug qualifies as a VUL-0 (or to be embargoed),
> since this not only requires a privileged operation (mount) and as such it
> cannot be exploited by regular users, but also assumes an intentionally
> malformed filesystem image (something that generally speaking upstream does
> not consider a security issue and considers low-priority, since there can
> be an ever-growing number of such issues, and as long as the filesystem
> driver is in privileged kernel space it will never be completely secure to
> mount a user-supplied filesystem).
> 
> [1] commit 22ed903eee23 ("xfs: verify buffer contents when we skip log
> replay")

The embargo is not up to us to decide sadly, even if the commit is public. However, I would expect it to be lifted soon.
Comment 3 Carlos López 2023-04-17 16:15:41 UTC
$ git describe 67dc288c2106
v3.16-rc2-10-g67dc288c2106

Tracking cve/linux-4.4 and newer as affected.
Comment 5 Carlos López 2023-04-19 08:16:52 UTC
Public via OSS Security
Comment 7 Anthony Iliopoulos 2023-05-04 08:32:07 UTC
Upstream commit 22ed903eee23 ("xfs: verify buffer contents when we skip log replay") is now backported to all affected branches (SLE15-SP4, cve/linux-{4.4,4.12,5.3}).

Handing over to security.
Comment 15 Maintenance Automation 2023-05-09 16:30:04 UTC
SUSE-SU-2023:2151-1: An update that solves 11 vulnerabilities and has five fixes can now be installed.

Category: security (important)
Bug References: 1202353, 1205128, 1209613, 1209687, 1209777, 1209871, 1209887, 1210202, 1210301, 1210329, 1210336, 1210337, 1210469, 1210498, 1210506, 1210647
CVE References: CVE-2020-36691, CVE-2022-43945, CVE-2023-1611, CVE-2023-1670, CVE-2023-1855, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-30772
Sources used:
SUSE Linux Enterprise Live Patching 15-SP1 (src): kernel-livepatch-SLE15-SP1_Update_40-1-150100.3.3.1
SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (src): kernel-obs-build-4.12.14-150100.197.145.1, kernel-source-4.12.14-150100.197.145.1, kernel-syms-4.12.14-150100.197.145.1
SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (src): kernel-obs-build-4.12.14-150100.197.145.1, kernel-source-4.12.14-150100.197.145.1, kernel-syms-4.12.14-150100.197.145.1
SUSE Linux Enterprise Server for SAP Applications 15 SP1 (src): kernel-obs-build-4.12.14-150100.197.145.1, kernel-source-4.12.14-150100.197.145.1, kernel-syms-4.12.14-150100.197.145.1
SUSE CaaS Platform 4.0 (src): kernel-obs-build-4.12.14-150100.197.145.1, kernel-source-4.12.14-150100.197.145.1, kernel-syms-4.12.14-150100.197.145.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 16 Maintenance Automation 2023-05-09 16:30:49 UTC
SUSE-SU-2023:2148-1: An update that solves 16 vulnerabilities and has five fixes can now be installed.

Category: security (important)
Bug References: 1202353, 1205128, 1206992, 1207088, 1209687, 1209739, 1209777, 1209871, 1210202, 1210203, 1210301, 1210329, 1210336, 1210337, 1210414, 1210453, 1210469, 1210498, 1210506, 1210629, 1210647
CVE References: CVE-2020-36691, CVE-2022-2196, CVE-2022-43945, CVE-2023-1611, CVE-2023-1670, CVE-2023-1838, CVE-2023-1855, CVE-2023-1872, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2008, CVE-2023-2124, CVE-2023-2162, CVE-2023-2176, CVE-2023-30772
Sources used:
SUSE Linux Enterprise Live Patching 15-SP3 (src): kernel-livepatch-SLE15-SP3_Update_32-1-150300.7.3.2
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (src): kernel-syms-5.3.18-150300.59.121.1, kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2, kernel-source-5.3.18-150300.59.121.2, kernel-obs-build-5.3.18-150300.59.121.2
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): kernel-syms-5.3.18-150300.59.121.1, kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2, kernel-source-5.3.18-150300.59.121.2, kernel-obs-build-5.3.18-150300.59.121.2
SUSE Linux Enterprise Real Time 15 SP3 (src): kernel-syms-5.3.18-150300.59.121.1, kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2, kernel-source-5.3.18-150300.59.121.2, kernel-obs-build-5.3.18-150300.59.121.2
SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): kernel-syms-5.3.18-150300.59.121.1, kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2, kernel-source-5.3.18-150300.59.121.2, kernel-obs-build-5.3.18-150300.59.121.2
SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): kernel-syms-5.3.18-150300.59.121.1, kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2, kernel-source-5.3.18-150300.59.121.2, kernel-obs-build-5.3.18-150300.59.121.2
SUSE Manager Proxy 4.2 (src): kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2, kernel-source-5.3.18-150300.59.121.2
SUSE Manager Retail Branch Server 4.2 (src): kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2, kernel-source-5.3.18-150300.59.121.2
SUSE Manager Server 4.2 (src): kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2, kernel-source-5.3.18-150300.59.121.2
SUSE Enterprise Storage 7.1 (src): kernel-syms-5.3.18-150300.59.121.1, kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2, kernel-source-5.3.18-150300.59.121.2, kernel-obs-build-5.3.18-150300.59.121.2
SUSE Linux Enterprise Micro 5.1 (src): kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2
SUSE Linux Enterprise Micro 5.2 (src): kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2
SUSE Linux Enterprise Micro for Rancher 5.2 (src): kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2

Comment 17 Maintenance Automation 2023-05-09 16:30:57 UTC
SUSE-SU-2023:2147-1: An update that solves 15 vulnerabilities and has five fixes can now be installed.

Category: security (important)
Bug References: 1202353, 1206992, 1207088, 1209687, 1209739, 1209777, 1209871, 1210202, 1210203, 1210301, 1210329, 1210336, 1210337, 1210414, 1210453, 1210469, 1210498, 1210506, 1210629, 1210647
CVE References: CVE-2020-36691, CVE-2022-2196, CVE-2023-1611, CVE-2023-1670, CVE-2023-1838, CVE-2023-1855, CVE-2023-1872, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2008, CVE-2023-2124, CVE-2023-2162, CVE-2023-2176, CVE-2023-30772
Sources used:
SUSE Real Time Module 15-SP3 (src): kernel-syms-rt-5.3.18-150300.127.1, kernel-source-rt-5.3.18-150300.127.1

Comment 18 Maintenance Automation 2023-05-10 12:30:14 UTC
SUSE-SU-2023:2156-1: An update that solves eight vulnerabilities and has 16 fixes can now be installed.

Category: security (important)
Bug References: 1142685, 1174777, 1190544, 1202353, 1207088, 1209342, 1209871, 1209887, 1209969, 1209999, 1210202, 1210301, 1210329, 1210336, 1210337, 1210430, 1210460, 1210466, 1210469, 1210498, 1210506, 1210534, 1210647, 1210827
CVE References: CVE-2023-1670, CVE-2023-1855, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-30772
Sources used:
SUSE Linux Enterprise Real Time 12 SP5 (src): kernel-source-rt-4.12.14-10.124.1, kernel-syms-rt-4.12.14-10.124.1

Comment 19 Maintenance Automation 2023-05-10 20:30:21 UTC
SUSE-SU-2023:2162-1: An update that solves 12 vulnerabilities and has 17 fixes can now be installed.

Category: security (important)
Bug References: 1142685, 1142926, 1174777, 1190544, 1202353, 1205128, 1207088, 1209342, 1209687, 1209777, 1209871, 1209887, 1209969, 1209999, 1210202, 1210301, 1210329, 1210336, 1210337, 1210430, 1210460, 1210466, 1210469, 1210498, 1210506, 1210534, 1210647, 1210827, 1211037
CVE References: CVE-2020-36691, CVE-2022-43945, CVE-2023-1611, CVE-2023-1670, CVE-2023-1855, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-2483, CVE-2023-30772
Sources used:
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): kernel-source-azure-4.12.14-16.133.1, kernel-syms-azure-4.12.14-16.133.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (src): kernel-source-azure-4.12.14-16.133.1, kernel-syms-azure-4.12.14-16.133.1
SUSE Linux Enterprise Server 12 SP5 (src): kernel-source-azure-4.12.14-16.133.1, kernel-syms-azure-4.12.14-16.133.1

Comment 20 Maintenance Automation 2023-05-11 08:30:14 UTC
SUSE-SU-2023:2163-1: An update that solves 12 vulnerabilities and has 17 fixes can now be installed.

Category: security (important)
Bug References: 1142685, 1142926, 1174777, 1190544, 1202353, 1205128, 1207088, 1209342, 1209687, 1209777, 1209871, 1209887, 1209969, 1209999, 1210202, 1210301, 1210329, 1210336, 1210337, 1210430, 1210460, 1210466, 1210469, 1210498, 1210506, 1210534, 1210647, 1210827, 1211037
CVE References: CVE-2020-36691, CVE-2022-43945, CVE-2023-1611, CVE-2023-1670, CVE-2023-1855, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-2483, CVE-2023-30772
Sources used:
SUSE Linux Enterprise Live Patching 12-SP5 (src): kgraft-patch-SLE12-SP5_Update_43-1-8.3.1
SUSE Linux Enterprise Software Development Kit 12 SP5 (src): kernel-obs-build-4.12.14-122.159.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (src): kernel-syms-4.12.14-122.159.1, kernel-source-4.12.14-122.159.1
SUSE Linux Enterprise Server 12 SP5 (src): kernel-syms-4.12.14-122.159.1, kernel-source-4.12.14-122.159.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): kernel-syms-4.12.14-122.159.1, kernel-source-4.12.14-122.159.1

Comment 23 Maintenance Automation 2023-05-17 16:30:13 UTC
SUSE-SU-2023:2232-1: An update that solves 28 vulnerabilities and has 14 fixes can now be installed.

Category: security (important)
Bug References: 1076830, 1194535, 1202353, 1205128, 1207036, 1207125, 1207168, 1207185, 1207795, 1207845, 1208179, 1208333, 1208599, 1208777, 1208837, 1208850, 1209008, 1209052, 1209256, 1209289, 1209291, 1209532, 1209547, 1209549, 1209613, 1209687, 1209777, 1209778, 1209845, 1209871, 1209887, 1210124, 1210202, 1210301, 1210329, 1210336, 1210337, 1210469, 1210498, 1210506, 1210647, 1211037
CVE References: CVE-2017-5753, CVE-2020-36691, CVE-2021-3923, CVE-2021-4203, CVE-2022-20567, CVE-2022-43945, CVE-2023-0590, CVE-2023-0597, CVE-2023-1076, CVE-2023-1095, CVE-2023-1118, CVE-2023-1390, CVE-2023-1513, CVE-2023-1611, CVE-2023-1670, CVE-2023-1855, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-23454, CVE-2023-23455, CVE-2023-2483, CVE-2023-28328, CVE-2023-28464, CVE-2023-28772, CVE-2023-30772
Sources used:
SUSE OpenStack Cloud 9 (src): kernel-source-4.12.14-95.125.1, kernel-syms-4.12.14-95.125.1
SUSE OpenStack Cloud Crowbar 9 (src): kernel-source-4.12.14-95.125.1, kernel-syms-4.12.14-95.125.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4 (src): kernel-source-4.12.14-95.125.1, kernel-syms-4.12.14-95.125.1, drbd-9.0.14+git.62f906cf-4.26.2
SUSE Linux Enterprise High Availability Extension 12 SP4 (src): drbd-9.0.14+git.62f906cf-4.26.2
SUSE Linux Enterprise Live Patching 12-SP4 (src): kgraft-patch-SLE12-SP4_Update_35-1-6.5.1
SUSE Linux Enterprise Server 12 SP4 ESPOS 12-SP4 (src): kernel-source-4.12.14-95.125.1, kernel-syms-4.12.14-95.125.1
SUSE Linux Enterprise Server 12 SP4 LTSS 12-SP4 (src): kernel-source-4.12.14-95.125.1, kernel-syms-4.12.14-95.125.1

Comment 27 Gabriele Sonnu 2023-06-01 09:48:23 UTC
*** Bug 1211903 has been marked as a duplicate of this bug. ***
Comment 35 Maintenance Automation 2023-06-13 16:30:36 UTC
SUSE-SU-2023:2500-1: An update that solves 23 vulnerabilities, contains 14 features and has 52 fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1172073, 1191731, 1193629, 1195655, 1195921, 1203906, 1205650, 1205756, 1205758, 1205760, 1205762, 1205803, 1206024, 1206578, 1207553, 1208604, 1208758, 1209287, 1209288, 1209856, 1209982, 1210165, 1210294, 1210449, 1210450, 1210498, 1210533, 1210551, 1210566, 1210647, 1210741, 1210775, 1210783, 1210791, 1210806, 1210940, 1210947, 1211037, 1211043, 1211044, 1211089, 1211105, 1211113, 1211131, 1211187, 1211205, 1211260, 1211263, 1211280, 1211281, 1211395, 1211449, 1211465, 1211519, 1211564, 1211590, 1211592, 1211686, 1211687, 1211688, 1211689, 1211690, 1211691, 1211692, 1211693, 1211714, 1211796, 1211804, 1211807, 1211808, 1211819, 1211847, 1211855, 1211960
CVE References: CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2023-1079, CVE-2023-1380, CVE-2023-1382, CVE-2023-2002, CVE-2023-2124, CVE-2023-2156, CVE-2023-2162, CVE-2023-2269, CVE-2023-2483, CVE-2023-2513, CVE-2023-28410, CVE-2023-3006, CVE-2023-30456, CVE-2023-31084, CVE-2023-31436, CVE-2023-32233, CVE-2023-33288
Jira References: PED-3692, PED-4022, SLE-18375, SLE-18377, SLE-18378, SLE-18379, SLE-18383, SLE-18384, SLE-18385, SLE-18978, SLE-18992, SLE-19001, SLE-19255, SLE-19556
Sources used:
openSUSE Leap 15.4 (src): kernel-source-azure-5.14.21-150400.14.52.1, kernel-syms-azure-5.14.21-150400.14.52.1
Public Cloud Module 15-SP4 (src): kernel-source-azure-5.14.21-150400.14.52.1, kernel-syms-azure-5.14.21-150400.14.52.1

Comment 42 Maintenance Automation 2023-06-27 12:30:14 UTC
SUSE-SU-2023:2653-1: An update that solves 23 vulnerabilities, contains 14 features and has 47 fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1172073, 1191731, 1193629, 1195655, 1195921, 1203906, 1205650, 1205756, 1205758, 1205760, 1205762, 1205803, 1206024, 1206578, 1207553, 1208604, 1208758, 1209287, 1209288, 1209856, 1209982, 1210165, 1210294, 1210449, 1210450, 1210498, 1210533, 1210551, 1210647, 1210741, 1210775, 1210783, 1210791, 1210806, 1210940, 1210947, 1211037, 1211043, 1211044, 1211089, 1211105, 1211113, 1211131, 1211205, 1211263, 1211280, 1211281, 1211449, 1211465, 1211519, 1211564, 1211590, 1211592, 1211686, 1211687, 1211688, 1211689, 1211690, 1211691, 1211692, 1211693, 1211714, 1211796, 1211804, 1211807, 1211808, 1211847, 1211855, 1211960
CVE References: CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2023-1079, CVE-2023-1380, CVE-2023-1382, CVE-2023-2002, CVE-2023-2124, CVE-2023-2156, CVE-2023-2162, CVE-2023-2269, CVE-2023-2483, CVE-2023-2513, CVE-2023-28410, CVE-2023-3006, CVE-2023-30456, CVE-2023-31084, CVE-2023-31436, CVE-2023-32233, CVE-2023-33288
Jira References: PED-3692, PED-4022, SLE-18375, SLE-18377, SLE-18378, SLE-18379, SLE-18383, SLE-18384, SLE-18385, SLE-18978, SLE-18992, SLE-19001, SLE-19255, SLE-19556
Sources used:
openSUSE Leap Micro 5.3 (src): kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
openSUSE Leap 15.4 (src): kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1, kernel-source-5.14.21-150400.24.66.1, kernel-syms-5.14.21-150400.24.66.1, kernel-obs-build-5.14.21-150400.24.66.1, kernel-obs-qa-5.14.21-150400.24.66.1
SUSE Linux Enterprise Micro for Rancher 5.3 (src): kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
SUSE Linux Enterprise Micro 5.3 (src): kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
SUSE Linux Enterprise Micro for Rancher 5.4 (src): kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
SUSE Linux Enterprise Micro 5.4 (src): kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
Basesystem Module 15-SP4 (src): kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1, kernel-source-5.14.21-150400.24.66.1
Development Tools Module 15-SP4 (src): kernel-syms-5.14.21-150400.24.66.1, kernel-source-5.14.21-150400.24.66.1, kernel-obs-build-5.14.21-150400.24.66.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4_Update_13-1-150400.9.3.1

Comment 43 Maintenance Automation 2023-06-27 12:30:36 UTC
SUSE-SU-2023:2651-1: An update that solves 22 vulnerabilities and has 10 fixes can now be installed.

Category: security (important)
Bug References: 1172073, 1184208, 1191731, 1199046, 1204405, 1205756, 1205758, 1205760, 1205762, 1205803, 1206024, 1208474, 1208604, 1209287, 1209779, 1210498, 1210715, 1210783, 1210791, 1210940, 1211037, 1211043, 1211089, 1211105, 1211186, 1211187, 1211260, 1211590, 1211592, 1211596, 1211622, 1211796
CVE References: CVE-2020-36694, CVE-2021-29650, CVE-2022-3566, CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2023-1079, CVE-2023-1380, CVE-2023-1637, CVE-2023-2124, CVE-2023-2194, CVE-2023-23586, CVE-2023-2483, CVE-2023-2513, CVE-2023-31084, CVE-2023-31436, CVE-2023-32233, CVE-2023-32269, CVE-2023-33288
Sources used:
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): kernel-obs-build-5.3.18-150200.24.154.1, kernel-source-5.3.18-150200.24.154.1, kernel-syms-5.3.18-150200.24.154.1, kernel-default-base-5.3.18-150200.24.154.1.150200.9.75.1
SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): kernel-obs-build-5.3.18-150200.24.154.1, kernel-source-5.3.18-150200.24.154.1, kernel-syms-5.3.18-150200.24.154.1, kernel-default-base-5.3.18-150200.24.154.1.150200.9.75.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): kernel-obs-build-5.3.18-150200.24.154.1, kernel-source-5.3.18-150200.24.154.1, kernel-syms-5.3.18-150200.24.154.1, kernel-default-base-5.3.18-150200.24.154.1.150200.9.75.1
SUSE Enterprise Storage 7 (src): kernel-obs-build-5.3.18-150200.24.154.1, kernel-source-5.3.18-150200.24.154.1, kernel-syms-5.3.18-150200.24.154.1, kernel-default-base-5.3.18-150200.24.154.1.150200.9.75.1
SUSE Linux Enterprise Live Patching 15-SP2 (src): kernel-livepatch-SLE15-SP2_Update_37-1-150200.5.3.1

Comment 50 Maintenance Automation 2023-07-04 16:30:20 UTC
SUSE-SU-2023:2782-1: An update that solves 31 vulnerabilities, contains three features and has 70 fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1152472, 1152489, 1160435, 1172073, 1189998, 1191731, 1193629, 1194869, 1195655, 1195921, 1203906, 1205650, 1205756, 1205758, 1205760, 1205762, 1205803, 1206024, 1206578, 1207553, 1208050, 1208410, 1208600, 1208604, 1208758, 1209039, 1209287, 1209288, 1209367, 1209856, 1209982, 1210165, 1210294, 1210449, 1210450, 1210498, 1210533, 1210551, 1210647, 1210741, 1210775, 1210783, 1210791, 1210806, 1210940, 1210947, 1211037, 1211043, 1211044, 1211089, 1211105, 1211113, 1211131, 1211205, 1211263, 1211280, 1211281, 1211299, 1211346, 1211387, 1211410, 1211414, 1211449, 1211465, 1211519, 1211564, 1211590, 1211592, 1211686, 1211687, 1211688, 1211689, 1211690, 1211691, 1211692, 1211693, 1211714, 1211796, 1211804, 1211807, 1211808, 1211847, 1211852, 1211855, 1211960, 1212129, 1212154, 1212155, 1212158, 1212350, 1212448, 1212494, 1212504, 1212513, 1212540, 1212561, 1212563, 1212564, 1212584, 1212592
CVE References: CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2023-1077, CVE-2023-1079, CVE-2023-1249, CVE-2023-1380, CVE-2023-1382, CVE-2023-2002, CVE-2023-21102, CVE-2023-2124, CVE-2023-2156, CVE-2023-2162, CVE-2023-2269, CVE-2023-2483, CVE-2023-2513, CVE-2023-28410, CVE-2023-3006, CVE-2023-30456, CVE-2023-31084, CVE-2023-3141, CVE-2023-31436, CVE-2023-3161, CVE-2023-32233, CVE-2023-33288, CVE-2023-35788, CVE-2023-35823, CVE-2023-35828
Jira References: PED-3692, PED-3931, PED-4022
Sources used:
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_8-1-150400.1.9.2
SUSE Real Time Module 15-SP4 (src): kernel-source-rt-5.14.21-150400.15.37.1, kernel-syms-rt-5.14.21-150400.15.37.1
openSUSE Leap 15.4 (src): kernel-source-rt-5.14.21-150400.15.37.1, kernel-syms-rt-5.14.21-150400.15.37.1

Comment 54 Maintenance Automation 2023-07-11 08:37:04 UTC
SUSE-SU-2023:2805-1: An update that solves 38 vulnerabilities and has four fixes can now be installed.

Category: security (important)
Bug References: 1126703, 1204405, 1205756, 1205758, 1205760, 1205762, 1205803, 1206878, 1207036, 1207125, 1207168, 1207795, 1208600, 1208777, 1208837, 1209008, 1209039, 1209052, 1209256, 1209287, 1209289, 1209291, 1209532, 1209549, 1209687, 1209871, 1210329, 1210336, 1210337, 1210498, 1210506, 1210647, 1210715, 1210940, 1211105, 1211186, 1211449, 1212128, 1212129, 1212154, 1212501, 1212842
CVE References: CVE-2017-5753, CVE-2018-20784, CVE-2022-3566, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2023-0590, CVE-2023-1077, CVE-2023-1095, CVE-2023-1118, CVE-2023-1249, CVE-2023-1380, CVE-2023-1390, CVE-2023-1513, CVE-2023-1611, CVE-2023-1670, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-2194, CVE-2023-23454, CVE-2023-23455, CVE-2023-2513, CVE-2023-28328, CVE-2023-28464, CVE-2023-28772, CVE-2023-30772, CVE-2023-3090, CVE-2023-3141, CVE-2023-31436, CVE-2023-3159, CVE-2023-3161, CVE-2023-32269, CVE-2023-35824
Sources used:
SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2 (src): kernel-syms-4.4.121-92.205.1, kernel-source-4.4.121-92.205.1

Comment 55 Maintenance Automation 2023-07-11 16:32:03 UTC
SUSE-SU-2023:2809-1: An update that solves 84 vulnerabilities, contains 25 features and has 320 fixes can now be installed.

Category: security (important)
CVE References: CVE-2020-24588, CVE-2022-2196, CVE-2022-3523, CVE-2022-36280, CVE-2022-38096, CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2022-4744, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0386, CVE-2023-0394, CVE-2023-0461, CVE-2023-0469, CVE-2023-0590, CVE-2023-0597, CVE-2023-1075, CVE-2023-1076, CVE-2023-1077, CVE-2023-1078, CVE-2023-1079, CVE-2023-1095, CVE-2023-1118, CVE-2023-1249, CVE-2023-1382, CVE-2023-1513, CVE-2023-1582, CVE-2023-1583, CVE-2023-1611, CVE-2023-1637, CVE-2023-1652, CVE-2023-1670, CVE-2023-1838, CVE-2023-1855, CVE-2023-1989, CVE-2023-1998, CVE-2023-2002, CVE-2023-21102, CVE-2023-21106, CVE-2023-2124, CVE-2023-2156, CVE-2023-2162, CVE-2023-2176, CVE-2023-2235, CVE-2023-2269, CVE-2023-22998, CVE-2023-23000, CVE-2023-23001, CVE-2023-23004, CVE-2023-23006, CVE-2023-23454, CVE-2023-23455, CVE-2023-2483, CVE-2023-25012, CVE-2023-2513, CVE-2023-26545, CVE-2023-28327, CVE-2023-28410, CVE-2023-28464, CVE-2023-28466, CVE-2023-28866, CVE-2023-3006, CVE-2023-30456, CVE-2023-30772, CVE-2023-31084, CVE-2023-3141, CVE-2023-31436, CVE-2023-3161, CVE-2023-3220, CVE-2023-32233, CVE-2023-33288, CVE-2023-3357, CVE-2023-3358, CVE-2023-33951, CVE-2023-33952, CVE-2023-35788, CVE-2023-35823, CVE-2023-35828, CVE-2023-35829
Jira References: PED-1549, PED-3210, PED-3259, PED-3692, PED-370, PED-3750, PED-3759, PED-376, PED-3931, PED-4022, PED-835, SES-1880, SLE-18375, SLE-18377, SLE-18378, SLE-18379, SLE-18383, SLE-18384, SLE-18385, SLE-18978, SLE-18992, SLE-19001, SLE-19253, SLE-19255, SLE-19556
Sources used:
openSUSE Leap 15.5 (src): kernel-livepatch-SLE15-SP5-RT_Update_1-1-150500.11.5.1, kernel-syms-rt-5.14.21-150500.13.5.1, kernel-source-rt-5.14.21-150500.13.5.1
SUSE Linux Enterprise Live Patching 15-SP5 (src): kernel-livepatch-SLE15-SP5-RT_Update_1-1-150500.11.5.1
SUSE Real Time Module 15-SP5 (src): kernel-syms-rt-5.14.21-150500.13.5.1, kernel-source-rt-5.14.21-150500.13.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 56 Maintenance Automation 2023-07-18 16:32:43 UTC
SUSE-SU-2023:2871-1: An update that solves 82 vulnerabilities, contains 25 features and has 390 fixes can now be installed.

Category: security (important)
CVE References: CVE-2022-36280, CVE-2022-38096, CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2022-4744, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0394, CVE-2023-0461, CVE-2023-0469, CVE-2023-0590, CVE-2023-0597, CVE-2023-1075, CVE-2023-1076, CVE-2023-1077, CVE-2023-1079, CVE-2023-1095, CVE-2023-1118, CVE-2023-1249, CVE-2023-1382, CVE-2023-1513, CVE-2023-1582, CVE-2023-1583, CVE-2023-1611, CVE-2023-1637, CVE-2023-1652, CVE-2023-1670, CVE-2023-1829, CVE-2023-1838, CVE-2023-1855, CVE-2023-1989, CVE-2023-1998, CVE-2023-2002, CVE-2023-21102, CVE-2023-21106, CVE-2023-2124, CVE-2023-2156, CVE-2023-2162, CVE-2023-2176, CVE-2023-2235, CVE-2023-2269, CVE-2023-22998, CVE-2023-23000, CVE-2023-23001, CVE-2023-23004, CVE-2023-23006, CVE-2023-2430, CVE-2023-2483, CVE-2023-25012, CVE-2023-2513, CVE-2023-26545, CVE-2023-28327, CVE-2023-28410, CVE-2023-28464, CVE-2023-28866, CVE-2023-3006, CVE-2023-30456, CVE-2023-30772, CVE-2023-3090, CVE-2023-31084, CVE-2023-3111, CVE-2023-3141, CVE-2023-31436, CVE-2023-3161, CVE-2023-3212, CVE-2023-3220, CVE-2023-32233, CVE-2023-33288, CVE-2023-3357, CVE-2023-3358, CVE-2023-3389, CVE-2023-33951, CVE-2023-33952, CVE-2023-35788, CVE-2023-35823, CVE-2023-35828, CVE-2023-35829
Jira References: PED-1549, PED-3210, PED-3259, PED-3692, PED-370, PED-3750, PED-3759, PED-376, PED-3931, PED-4022, PED-835, SES-1880, SLE-18375, SLE-18377, SLE-18378, SLE-18379, SLE-18383, SLE-18384, SLE-18385, SLE-18978, SLE-18992, SLE-19001, SLE-19253, SLE-19255, SLE-19556
Sources used:
openSUSE Leap 15.5 (src): kernel-livepatch-SLE15-SP5_Update_1-1-150500.11.7.1, kernel-syms-5.14.21-150500.55.7.1, kernel-obs-qa-5.14.21-150500.55.7.1, kernel-obs-build-5.14.21-150500.55.7.1, kernel-source-5.14.21-150500.55.7.1, kernel-default-base-5.14.21-150500.55.7.1.150500.6.2.5
Basesystem Module 15-SP5 (src): kernel-source-5.14.21-150500.55.7.1, kernel-default-base-5.14.21-150500.55.7.1.150500.6.2.5
Development Tools Module 15-SP5 (src): kernel-source-5.14.21-150500.55.7.1, kernel-syms-5.14.21-150500.55.7.1, kernel-obs-build-5.14.21-150500.55.7.1
SUSE Linux Enterprise Live Patching 15-SP5 (src): kernel-livepatch-SLE15-SP5_Update_1-1-150500.11.7.1

Comment 61 Maintenance Automation 2024-02-27 12:01:18 UTC
SUSE-SU-2023:2646-1: An update that solves 69 vulnerabilities, contains six features and has 292 security fixes can now be installed.

Category: security (important)
CVE References: CVE-2022-2196, CVE-2022-36280, CVE-2022-38096, CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2022-4744, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0394, CVE-2023-0461, CVE-2023-0469, CVE-2023-0590, CVE-2023-0597, CVE-2023-1075, CVE-2023-1076, CVE-2023-1077, CVE-2023-1079, CVE-2023-1095, CVE-2023-1118, CVE-2023-1380, CVE-2023-1382, CVE-2023-1513, CVE-2023-1582, CVE-2023-1583, CVE-2023-1611, CVE-2023-1637, CVE-2023-1652, CVE-2023-1670, CVE-2023-1838, CVE-2023-1855, CVE-2023-1989, CVE-2023-1998, CVE-2023-2002, CVE-2023-21102, CVE-2023-21106, CVE-2023-2124, CVE-2023-2156, CVE-2023-2162, CVE-2023-2176, CVE-2023-2235, CVE-2023-2269, CVE-2023-22998, CVE-2023-23000, CVE-2023-23001, CVE-2023-23004, CVE-2023-23006, CVE-2023-2483, CVE-2023-25012, CVE-2023-2513, CVE-2023-26545, CVE-2023-28327, CVE-2023-28410, CVE-2023-28464, CVE-2023-3006, CVE-2023-30456, CVE-2023-30772, CVE-2023-31084, CVE-2023-3141, CVE-2023-31436, CVE-2023-3161, CVE-2023-32233, CVE-2023-33288, CVE-2023-33951, CVE-2023-33952
Jira References: PED-3210, PED-3259, PED-3692, PED-3750, PED-3759, PED-4022
Sources used:
openSUSE Leap 15.5 (src): kernel-source-azure-5.14.21-150500.33.3.1, kernel-syms-azure-5.14.21-150500.33.3.1
Public Cloud Module 15-SP5 (src): kernel-source-azure-5.14.21-150500.33.3.1, kernel-syms-azure-5.14.21-150500.33.3.1

Comment 65 Robert Frohl 2024-05-06 12:26:45 UTC
done, closing