Bug 1218258 (CVE-2023-6931) - VUL-0: CVE-2023-6931: kernel: heap out-of-bounds write in perf_read_group
Summary: VUL-0: CVE-2023-6931: kernel: heap out-of-bounds write in perf_read_group
Status: RESOLVED FIXED
Alias: CVE-2023-6931
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/388672/
Whiteboard: CVSSv3.1:SUSE:CVE-2023-6931:7.0:(AV:L...
Blocks: 1218259
Reported: 2023-12-20 09:52 UTC by SMASH SMASH
Modified: 2024-06-25 18:03 UTC

Found By: Security Response Team
Description SMASH SMASH 2023-12-20 09:52:20 UTC
A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escalation.

A perf_event's read_size can overflow, leading to a heap out-of-bounds increment or write in perf_read_group().

We recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6931
Comment 1 Gabriele Sonnu 2023-12-20 10:06:52 UTC
Fixing commit:

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=382c27f4ed28f803b1f1473ac2d8db0afc795a1b

Tracking as affected:

 - SLE12-SP5
 - SLE15-SP4
 - SLE15-SP5
 - SLE15-SP6
 - cve/linux-4.12
 - cve/linux-4.4
 - cve/linux-5.3

stable already contains the fix.
Comment 2 Jan Kara 2023-12-21 12:40:59 UTC
Assigning bug to assure forward progress. Tony, is this something for you? If not, who is taking care of perf in-kernel part?
Comment 3 Tony Jones 2023-12-21 18:39:38 UTC
(In reply to Jan Kara from comment #2)
> Assigning bug to assure forward progress. Tony, is this something for you?
> If not, who is taking care of perf in-kernel part?

Jan. I am responsible for userspace and kernel parts for perf, all archs. Things like RAPL etc. go to the core arch person.

Very timely I just finished the last fuzzer perf fix across multi-sp releases :(
Comment 4 Tony Jones 2023-12-23 02:37:08 UTC
382c27f4ed28f803b1f1473ac2d8db0afc795a1b 
7e2c1e4b34f07d9aa8937fab88359d4a0fce468e

pushed to SLE15-{SP4, SP5, SP6}

remainder next week
Comment 7 Tony Jones 2023-12-27 21:51:03 UTC
pushed to cve/5.3

cve/4.12 and cve/4.4 look like they will require more work due to lack of dependent changes ... ongoing.
Comment 8 Tony Jones 2023-12-28 02:04:16 UTC
(In reply to Tony Jones from comment #7)
> pushed to cve/5.3
> 
> cve/4.12 and cve/4.4 look like they will require more work due to lack of
> dependent changes ... ongoing.

pushed to cve/4.4 and cve/4.12. I did a brief smoke test on 4.12 and 5.3 but without a reproducer.c it's more challenging. I did not test 4.4, hopefully someone does before it goes out the door?

reassigning to security team
Comment 33 Maintenance Automation 2024-01-16 16:30:08 UTC
SUSE-SU-2024:0129-1: An update that solves 10 vulnerabilities, contains three features and has 31 security fixes can now be installed.

Category: security (important)
Bug References: 1179610, 1183045, 1193285, 1211162, 1211226, 1212584, 1214747, 1214823, 1215237, 1215696, 1215885, 1216057, 1216559, 1216776, 1217036, 1217217, 1217250, 1217602, 1217692, 1217790, 1217801, 1217933, 1217938, 1217946, 1217947, 1217980, 1217981, 1217982, 1218056, 1218139, 1218184, 1218234, 1218253, 1218258, 1218335, 1218357, 1218447, 1218515, 1218559, 1218569, 1218659
CVE References: CVE-2020-26555, CVE-2023-51779, CVE-2023-6121, CVE-2023-6531, CVE-2023-6546, CVE-2023-6606, CVE-2023-6610, CVE-2023-6622, CVE-2023-6931, CVE-2023-6932
Jira References: PED-3459, PED-5021, PED-7322
Sources used:
SUSE Real Time Module 15-SP4 (src): kernel-syms-rt-5.14.21-150400.15.65.1, kernel-source-rt-5.14.21-150400.15.65.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_17-1-150400.1.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 34 Maintenance Automation 2024-01-16 16:30:13 UTC
SUSE-SU-2024:0120-1: An update that solves eight vulnerabilities, contains one feature and has one security fix can now be installed.

Category: security (important)
Bug References: 1179610, 1202095, 1215237, 1217250, 1217946, 1217947, 1218253, 1218258, 1218559
CVE References: CVE-2020-26555, CVE-2022-2586, CVE-2023-51779, CVE-2023-6121, CVE-2023-6606, CVE-2023-6610, CVE-2023-6931, CVE-2023-6932
Jira References: PED-5021
Sources used:
SUSE Linux Enterprise Live Patching 15-SP1 (src): kernel-livepatch-SLE15-SP1_Update_47-1-150100.3.3.1
SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (src): kernel-syms-4.12.14-150100.197.168.1, kernel-source-4.12.14-150100.197.168.1, kernel-obs-build-4.12.14-150100.197.168.1
SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (src): kernel-syms-4.12.14-150100.197.168.1, kernel-source-4.12.14-150100.197.168.1, kernel-obs-build-4.12.14-150100.197.168.1
SUSE Linux Enterprise Server for SAP Applications 15 SP1 (src): kernel-syms-4.12.14-150100.197.168.1, kernel-source-4.12.14-150100.197.168.1, kernel-obs-build-4.12.14-150100.197.168.1
SUSE CaaS Platform 4.0 (src): kernel-syms-4.12.14-150100.197.168.1, kernel-source-4.12.14-150100.197.168.1, kernel-obs-build-4.12.14-150100.197.168.1

Comment 35 Maintenance Automation 2024-01-16 16:30:18 UTC
SUSE-SU-2024:0117-1: An update that solves eight vulnerabilities, contains two features and has 13 security fixes can now be installed.

Category: security (important)
Bug References: 1109837, 1179610, 1202095, 1211226, 1211439, 1214158, 1214479, 1215237, 1217036, 1217250, 1217801, 1217936, 1217946, 1217947, 1218057, 1218184, 1218253, 1218258, 1218362, 1218559, 1218622
CVE References: CVE-2020-26555, CVE-2022-2586, CVE-2023-51779, CVE-2023-6121, CVE-2023-6606, CVE-2023-6610, CVE-2023-6931, CVE-2023-6932
Jira References: PED-5021, PED-5023
Sources used:
SUSE Linux Enterprise Live Patching 12-SP5 (src): kgraft-patch-SLE12-SP5_Update_52-1-8.3.1
SUSE Linux Enterprise Software Development Kit 12 SP5 (src): kernel-obs-build-4.12.14-122.189.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (src): kernel-source-4.12.14-122.189.1, kernel-syms-4.12.14-122.189.1
SUSE Linux Enterprise Server 12 SP5 (src): kernel-source-4.12.14-122.189.1, kernel-syms-4.12.14-122.189.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): kernel-source-4.12.14-122.189.1, kernel-syms-4.12.14-122.189.1

Comment 36 Maintenance Automation 2024-01-16 16:30:28 UTC
SUSE-SU-2024:0115-1: An update that solves 10 vulnerabilities, contains three features and has 40 security fixes can now be installed.

Category: security (important)
Bug References: 1179610, 1183045, 1211162, 1211226, 1212139, 1212584, 1214117, 1214747, 1214823, 1215237, 1215696, 1215885, 1215952, 1216032, 1216057, 1216559, 1216776, 1217036, 1217217, 1217250, 1217602, 1217692, 1217790, 1217801, 1217822, 1217927, 1217933, 1217938, 1217946, 1217947, 1217980, 1217981, 1217982, 1218056, 1218092, 1218139, 1218184, 1218229, 1218234, 1218253, 1218258, 1218335, 1218357, 1218397, 1218447, 1218461, 1218515, 1218559, 1218569, 1218643
CVE References: CVE-2020-26555, CVE-2023-51779, CVE-2023-6121, CVE-2023-6531, CVE-2023-6546, CVE-2023-6606, CVE-2023-6610, CVE-2023-6622, CVE-2023-6931, CVE-2023-6932
Jira References: PED-3459, PED-5021, PED-7167
Sources used:
openSUSE Leap 15.5 (src): kernel-source-rt-5.14.21-150500.13.30.1, kernel-livepatch-SLE15-SP5-RT_Update_9-1-150500.11.3.1, kernel-syms-rt-5.14.21-150500.13.30.1
SUSE Linux Enterprise Live Patching 15-SP5 (src): kernel-livepatch-SLE15-SP5-RT_Update_9-1-150500.11.3.1
SUSE Real Time Module 15-SP5 (src): kernel-source-rt-5.14.21-150500.13.30.1, kernel-syms-rt-5.14.21-150500.13.30.1

Comment 38 Maintenance Automation 2024-01-17 12:36:27 UTC
SUSE-SU-2024:0118-1: An update that solves eight vulnerabilities, contains two features and has 12 security fixes can now be installed.

Category: security (important)
Bug References: 1109837, 1179610, 1202095, 1211226, 1211439, 1214479, 1215237, 1217036, 1217250, 1217801, 1217936, 1217946, 1217947, 1218057, 1218184, 1218253, 1218258, 1218362, 1218559, 1218622
CVE References: CVE-2020-26555, CVE-2022-2586, CVE-2023-51779, CVE-2023-6121, CVE-2023-6606, CVE-2023-6610, CVE-2023-6931, CVE-2023-6932
Jira References: PED-5021, PED-5023
Sources used:
SUSE Linux Enterprise Real Time 12 SP5 (src): kernel-source-rt-4.12.14-10.157.1, kernel-syms-rt-4.12.14-10.157.1

Comment 39 Maintenance Automation 2024-01-17 12:36:37 UTC
SUSE-SU-2024:0113-1: An update that solves eight vulnerabilities, contains two features and has 13 security fixes can now be installed.

Category: security (important)
Bug References: 1108281, 1109837, 1179610, 1202095, 1211226, 1211439, 1214479, 1215237, 1217036, 1217250, 1217801, 1217936, 1217946, 1217947, 1218057, 1218184, 1218253, 1218258, 1218362, 1218559, 1218622
CVE References: CVE-2020-26555, CVE-2022-2586, CVE-2023-51779, CVE-2023-6121, CVE-2023-6606, CVE-2023-6610, CVE-2023-6931, CVE-2023-6932
Jira References: PED-5021, PED-5023
Sources used:
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): kernel-source-azure-4.12.14-16.163.1, kernel-syms-azure-4.12.14-16.163.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (src): kernel-source-azure-4.12.14-16.163.1, kernel-syms-azure-4.12.14-16.163.1
SUSE Linux Enterprise Server 12 SP5 (src): kernel-source-azure-4.12.14-16.163.1, kernel-syms-azure-4.12.14-16.163.1

Comment 40 Maintenance Automation 2024-01-17 12:36:50 UTC
SUSE-SU-2024:0110-1: An update that solves seven vulnerabilities, contains one feature and has six security fixes can now be installed.

Category: security (important)
Bug References: 1179610, 1211226, 1215237, 1215375, 1217250, 1217709, 1217946, 1217947, 1218105, 1218184, 1218253, 1218258, 1218559
CVE References: CVE-2020-26555, CVE-2023-51779, CVE-2023-6121, CVE-2023-6606, CVE-2023-6610, CVE-2023-6931, CVE-2023-6932
Jira References: PED-5021
Sources used:

Comment 43 Maintenance Automation 2024-01-18 12:30:20 UTC
SUSE-SU-2024:0141-1: An update that solves 10 vulnerabilities, contains three features and has 41 security fixes can now be installed.

Category: security (important)
Bug References: 1108281, 1179610, 1183045, 1211162, 1211226, 1212139, 1212584, 1214117, 1214747, 1214823, 1215237, 1215696, 1215885, 1215952, 1216032, 1216057, 1216559, 1216776, 1217036, 1217217, 1217250, 1217602, 1217692, 1217790, 1217801, 1217822, 1217927, 1217933, 1217938, 1217946, 1217947, 1217980, 1217981, 1217982, 1218056, 1218092, 1218139, 1218184, 1218229, 1218234, 1218253, 1218258, 1218335, 1218357, 1218397, 1218447, 1218461, 1218515, 1218559, 1218569, 1218643
CVE References: CVE-2020-26555, CVE-2023-51779, CVE-2023-6121, CVE-2023-6531, CVE-2023-6546, CVE-2023-6606, CVE-2023-6610, CVE-2023-6622, CVE-2023-6931, CVE-2023-6932
Jira References: PED-3459, PED-5021, PED-7167
Sources used:
openSUSE Leap 15.5 (src): kernel-syms-azure-5.14.21-150500.33.29.1, kernel-source-azure-5.14.21-150500.33.29.1
Public Cloud Module 15-SP5 (src): kernel-syms-azure-5.14.21-150500.33.29.1, kernel-source-azure-5.14.21-150500.33.29.1

Comment 45 Maintenance Automation 2024-01-18 16:30:03 UTC
SUSE-SU-2024:0154-1: An update that solves seven vulnerabilities, contains one feature and has two security fixes can now be installed.

Category: security (important)
Bug References: 1179610, 1215237, 1217250, 1217709, 1217946, 1217947, 1218253, 1218258, 1218559
CVE References: CVE-2020-26555, CVE-2023-51779, CVE-2023-6121, CVE-2023-6606, CVE-2023-6610, CVE-2023-6931, CVE-2023-6932
Jira References: PED-5021
Sources used:
SUSE Linux Enterprise Live Patching 15-SP2 (src): kernel-livepatch-SLE15-SP2_Update_44-1-150200.5.3.1
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): kernel-obs-build-5.3.18-150200.24.175.1, kernel-default-base-5.3.18-150200.24.175.1.150200.9.89.1, kernel-syms-5.3.18-150200.24.175.1, kernel-source-5.3.18-150200.24.175.1
SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): kernel-obs-build-5.3.18-150200.24.175.1, kernel-default-base-5.3.18-150200.24.175.1.150200.9.89.1, kernel-syms-5.3.18-150200.24.175.1, kernel-source-5.3.18-150200.24.175.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): kernel-obs-build-5.3.18-150200.24.175.1, kernel-default-base-5.3.18-150200.24.175.1.150200.9.89.1, kernel-syms-5.3.18-150200.24.175.1, kernel-source-5.3.18-150200.24.175.1

Comment 46 Maintenance Automation 2024-01-18 16:30:07 UTC
SUSE-SU-2024:0153-1: An update that solves seven vulnerabilities, contains one feature and has four security fixes can now be installed.

Category: security (important)
Bug References: 1179610, 1215237, 1215375, 1217250, 1217709, 1217946, 1217947, 1218105, 1218253, 1218258, 1218559
CVE References: CVE-2020-26555, CVE-2023-51779, CVE-2023-6121, CVE-2023-6606, CVE-2023-6610, CVE-2023-6931, CVE-2023-6932
Jira References: PED-5021
Sources used:
openSUSE Leap 15.3 (src): kernel-default-base-5.3.18-150300.59.147.2.150300.18.86.2, kernel-obs-qa-5.3.18-150300.59.147.1, kernel-livepatch-SLE15-SP3_Update_40-1-150300.7.3.2, kernel-syms-5.3.18-150300.59.147.1, kernel-source-5.3.18-150300.59.147.1, kernel-obs-build-5.3.18-150300.59.147.2
SUSE Linux Enterprise Live Patching 15-SP3 (src): kernel-livepatch-SLE15-SP3_Update_40-1-150300.7.3.2
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): kernel-syms-5.3.18-150300.59.147.1, kernel-default-base-5.3.18-150300.59.147.2.150300.18.86.2, kernel-source-5.3.18-150300.59.147.1, kernel-obs-build-5.3.18-150300.59.147.2
SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): kernel-syms-5.3.18-150300.59.147.1, kernel-default-base-5.3.18-150300.59.147.2.150300.18.86.2, kernel-source-5.3.18-150300.59.147.1, kernel-obs-build-5.3.18-150300.59.147.2
SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): kernel-syms-5.3.18-150300.59.147.1, kernel-default-base-5.3.18-150300.59.147.2.150300.18.86.2, kernel-source-5.3.18-150300.59.147.1, kernel-obs-build-5.3.18-150300.59.147.2
SUSE Enterprise Storage 7.1 (src): kernel-syms-5.3.18-150300.59.147.1, kernel-default-base-5.3.18-150300.59.147.2.150300.18.86.2, kernel-source-5.3.18-150300.59.147.1, kernel-obs-build-5.3.18-150300.59.147.2
SUSE Linux Enterprise Micro 5.1 (src): kernel-default-base-5.3.18-150300.59.147.2.150300.18.86.2
SUSE Linux Enterprise Micro 5.2 (src): kernel-default-base-5.3.18-150300.59.147.2.150300.18.86.2
SUSE Linux Enterprise Micro for Rancher 5.2 (src): kernel-default-base-5.3.18-150300.59.147.2.150300.18.86.2

Comment 47 Maintenance Automation 2024-01-18 20:30:11 UTC
SUSE-SU-2024:0160-1: An update that solves 10 vulnerabilities, contains three features and has 42 security fixes can now be installed.

Category: security (important)
Bug References: 1179610, 1183045, 1211162, 1211226, 1212139, 1212584, 1214117, 1214158, 1214747, 1214823, 1215237, 1215696, 1215885, 1215952, 1216032, 1216057, 1216559, 1216776, 1217036, 1217217, 1217250, 1217602, 1217692, 1217790, 1217801, 1217822, 1217927, 1217933, 1217938, 1217946, 1217947, 1217980, 1217981, 1217982, 1218056, 1218092, 1218139, 1218184, 1218229, 1218234, 1218253, 1218258, 1218335, 1218357, 1218397, 1218447, 1218461, 1218515, 1218559, 1218569, 1218643, 1218738
CVE References: CVE-2020-26555, CVE-2023-51779, CVE-2023-6121, CVE-2023-6531, CVE-2023-6546, CVE-2023-6606, CVE-2023-6610, CVE-2023-6622, CVE-2023-6931, CVE-2023-6932
Jira References: PED-3459, PED-5021, PED-7167
Sources used:
openSUSE Leap 15.5 (src): kernel-obs-build-5.14.21-150500.55.44.1, kernel-livepatch-SLE15-SP5_Update_9-1-150500.11.5.1, kernel-syms-5.14.21-150500.55.44.1, kernel-source-5.14.21-150500.55.44.1, kernel-default-base-5.14.21-150500.55.44.1.150500.6.19.2, kernel-obs-qa-5.14.21-150500.55.44.1
SUSE Linux Enterprise Micro 5.5 (src): kernel-default-base-5.14.21-150500.55.44.1.150500.6.19.2
Basesystem Module 15-SP5 (src): kernel-default-base-5.14.21-150500.55.44.1.150500.6.19.2, kernel-source-5.14.21-150500.55.44.1
Development Tools Module 15-SP5 (src): kernel-source-5.14.21-150500.55.44.1, kernel-obs-build-5.14.21-150500.55.44.1, kernel-syms-5.14.21-150500.55.44.1
SUSE Linux Enterprise Live Patching 15-SP5 (src): kernel-livepatch-SLE15-SP5_Update_9-1-150500.11.5.1

Comment 48 Maintenance Automation 2024-01-18 20:30:28 UTC
SUSE-SU-2024:0156-1: An update that solves 10 vulnerabilities, contains three features and has 31 security fixes can now be installed.

Category: security (important)
Bug References: 1179610, 1183045, 1193285, 1211162, 1211226, 1212584, 1214747, 1214823, 1215237, 1215696, 1215885, 1216057, 1216559, 1216776, 1217036, 1217217, 1217250, 1217602, 1217692, 1217790, 1217801, 1217933, 1217938, 1217946, 1217947, 1217980, 1217981, 1217982, 1218056, 1218139, 1218184, 1218234, 1218253, 1218258, 1218335, 1218357, 1218447, 1218515, 1218559, 1218569, 1218659
CVE References: CVE-2020-26555, CVE-2023-51779, CVE-2023-6121, CVE-2023-6531, CVE-2023-6546, CVE-2023-6606, CVE-2023-6610, CVE-2023-6622, CVE-2023-6931, CVE-2023-6932
Jira References: PED-3459, PED-5021, PED-7322
Sources used:
SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (src): kernel-obs-build-5.14.21-150400.24.103.1, kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1, kernel-source-5.14.21-150400.24.103.1, kernel-syms-5.14.21-150400.24.103.1
SUSE Linux Enterprise Real Time 15 SP4 (src): kernel-obs-build-5.14.21-150400.24.103.1, kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1, kernel-source-5.14.21-150400.24.103.1, kernel-syms-5.14.21-150400.24.103.1
SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (src): kernel-obs-build-5.14.21-150400.24.103.1, kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1, kernel-source-5.14.21-150400.24.103.1, kernel-syms-5.14.21-150400.24.103.1
SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (src): kernel-obs-build-5.14.21-150400.24.103.1, kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1, kernel-source-5.14.21-150400.24.103.1, kernel-syms-5.14.21-150400.24.103.1
SUSE Linux Enterprise Server for SAP Applications 15 SP4 (src): kernel-obs-build-5.14.21-150400.24.103.1, kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1, kernel-source-5.14.21-150400.24.103.1, kernel-syms-5.14.21-150400.24.103.1
SUSE Manager Proxy 4.3 (src): kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1, kernel-source-5.14.21-150400.24.103.1
SUSE Manager Retail Branch Server 4.3 (src): kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1, kernel-source-5.14.21-150400.24.103.1
SUSE Manager Server 4.3 (src): kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1, kernel-source-5.14.21-150400.24.103.1
openSUSE Leap 15.4 (src): kernel-obs-qa-5.14.21-150400.24.103.1, kernel-source-5.14.21-150400.24.103.1, kernel-obs-build-5.14.21-150400.24.103.1, kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1, kernel-livepatch-SLE15-SP4_Update_22-1-150400.9.3.1, kernel-syms-5.14.21-150400.24.103.1
openSUSE Leap Micro 5.3 (src): kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
openSUSE Leap Micro 5.4 (src): kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
SUSE Linux Enterprise Micro for Rancher 5.3 (src): kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
SUSE Linux Enterprise Micro 5.3 (src): kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
SUSE Linux Enterprise Micro for Rancher 5.4 (src): kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
SUSE Linux Enterprise Micro 5.4 (src): kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4_Update_22-1-150400.9.3.1
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (src): kernel-obs-build-5.14.21-150400.24.103.1, kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1, kernel-source-5.14.21-150400.24.103.1, kernel-syms-5.14.21-150400.24.103.1

Comment 53 Alexander Bergmann 2024-03-07 09:28:49 UTC
A possible workaround with this perf event vulnerability is the setting of the kernel perf_event_paranoid switch. On SLE 12 and 15 this switch is set to `2`, restricting kernel profiling by users without CAP_SYS_ADMIN.

It is possible to check the setting on a live system via the following command:

$ cat /proc/sys/kernel/perf_event_paranoid
2

Reference:
https://vulners.com/redhatcve/RH:CVE-2023-6931
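
The check from Comment 53, extended as an added example (not part of the original bug comments and not SUSE tooling): it compares the running perf_event_paranoid value with the value that sysctl configuration fragments would apply at boot. The threshold of 2 comes from the comment; the function names, verdict words, sample fragments and the file order used in the live check are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit kernel.perf_event_paranoid, runtime vs. persisted.
# REQUIRED_LEVEL is an assumption taken from Comment 53 (SLE 12/15 use 2).
REQUIRED_LEVEL=2

is_int() {                      # accepts -1, 0, 2, ...; rejects "", "-", "2x"
    case ${1#-} in
        ''|*[!0-9]*) return 1 ;;
        *) return 0 ;;
    esac
}

# effective_persisted FILE...
# Prints the value the LAST matching assignment would apply when the given
# sysctl fragments are loaded in argument order; prints nothing if unset.
effective_persisted() {
    [ "$#" -gt 0 ] || return 0
    cat -- "$@" 2>/dev/null | awk -F= '
        /^[ \t]*[#;]/ { next }                      # comment lines
        {
            key = $1; gsub(/[ \t]/, "", key)
            sub(/^-/, "", key)                      # "-key" means ignore errors
            gsub(/\//, ".", key)                    # kernel/x is the same as kernel.x
            if (key == "kernel.perf_event_paranoid") {
                val = $2; gsub(/[ \t]/, "", val); last = val
            }
        }
        END { if (last != "") print last }'
}

# classify RUNTIME PERSISTED -> one verdict word on stdout
classify() {
    is_int "$1" || { echo unknown; return 0; }
    if [ "$1" -lt "$REQUIRED_LEVEL" ]; then
        echo weak-runtime           # unprivileged kernel profiling is allowed now
    elif [ -z "$2" ]; then
        echo ok-runtime-only        # nothing persisted: relies on the default
    elif ! is_int "$2"; then
        echo unknown                # persisted value is not a number
    elif [ "$2" -lt "$REQUIRED_LEVEL" ]; then
        echo weak-after-reboot      # a config fragment will lower the level
    else
        echo ok
    fi
}

# Demo on constructed fragments (not taken from any real system).
demo() {
    dir=$(mktemp -d) || return 1
    printf '%s\n' '# constructed sample' 'kernel.perf_event_paranoid = 2' \
        > "$dir/50-default.conf"
    printf '%s\n' '-kernel/perf_event_paranoid=-1' > "$dir/99-profiling.conf"
    persisted=$(effective_persisted "$dir/50-default.conf" "$dir/99-profiling.conf")
    echo "constructed: runtime=2 persisted=$persisted -> $(classify 2 "$persisted")"
    rm -rf "$dir"
}
demo

# Live check; the file order below only approximates `sysctl --system`.
if [ -r /proc/sys/kernel/perf_event_paranoid ]; then
    live=$(cat /proc/sys/kernel/perf_event_paranoid)
    conf=$(effective_persisted /usr/lib/sysctl.d/*.conf /etc/sysctl.d/*.conf /etc/sysctl.conf)
    echo "live: runtime=$live persisted=${conf:-unset} -> $(classify "$live" "$conf")"
fi
```

A verdict of weak-after-reboot means the running value is fine but a later-loaded fragment lowers it on the next boot.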
Comment 55 Robert Frohl 2024-06-10 14:28:04 UTC
done, closing