Bug 1220749 (CVE-2021-47065) - VUL-0: CVE-2021-47065: kernel: rtw88: out of bounds read in rtw_get_tx_power_params()
Summary: VUL-0: CVE-2021-47065: kernel: rtw88: out of bounds read in rtw_get_tx_power_...
Status: RESOLVED FIXED
Alias: CVE-2021-47065
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P5 - None : Normal
Target Milestone: ---
Assignee: Kernel Bugs
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/395876/
Whiteboard: CVSSv3.1:SUSE:CVE-2021-47065:6.3:(AV:...
Keywords:
Depends on:
Blocks:
 
Reported: 2024-03-01 10:08 UTC by SMASH SMASH
Modified: 2024-05-03 08:37 UTC (History)
1 user (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description SMASH SMASH 2024-03-01 10:08:31 UTC 
In the Linux kernel, the following vulnerability has been resolved:

rtw88: Fix array overrun in rtw_get_tx_power_params()

Using a kernel with the Undefined Behaviour Sanity Checker (UBSAN) enabled, the
following array overrun is logged:

================================================================================
UBSAN: array-index-out-of-bounds in /home/finger/wireless-drivers-next/drivers/net/wireless/realtek/rtw88/phy.c:1789:34
index 5 is out of range for type 'u8 [5]'
CPU: 2 PID: 84 Comm: kworker/u16:3 Tainted: G           O      5.12.0-rc5-00086-gd88bba47038e-dirty #651
Hardware name: TOSHIBA TECRA A50-A/TECRA A50-A, BIOS Version 4.50   09/29/2014
Workqueue: phy0 ieee80211_scan_work [mac80211]
Call Trace:
 dump_stack+0x64/0x7c
 ubsan_epilogue+0x5/0x40
 __ubsan_handle_out_of_bounds.cold+0x43/0x48
 rtw_get_tx_power_params+0x83a/drivers/net/wireless/realtek/rtw88/0xad0 [rtw_core]
 ? rtw_pci_read16+0x20/0x20 [rtw_pci]
 ? check_hw_ready+0x50/0x90 [rtw_core]
 rtw_phy_get_tx_power_index+0x4d/0xd0 [rtw_core]
 rtw_phy_set_tx_power_level+0xee/0x1b0 [rtw_core]
 rtw_set_channel+0xab/0x110 [rtw_core]
 rtw_ops_config+0x87/0xc0 [rtw_core]
 ieee80211_hw_config+0x9d/0x130 [mac80211]
 ieee80211_scan_state_set_channel+0x81/0x170 [mac80211]
 ieee80211_scan_work+0x19f/0x2a0 [mac80211]
 process_one_work+0x1dd/0x3a0
 worker_thread+0x49/0x330
 ? rescuer_thread+0x3a0/0x3a0
 kthread+0x134/0x150
 ? kthread_create_worker_on_cpu+0x70/0x70
 ret_from_fork+0x22/0x30
================================================================================

The statement where an array is being overrun is shown in the following snippet:

	if (rate <= DESC_RATE11M)
		tx_power = pwr_idx_2g->cck_base[group];
	else
====>		tx_power = pwr_idx_2g->bw40_base[group];

The associated arrays are defined in main.h as follows:

struct rtw_2g_txpwr_idx {
	u8 cck_base[6];
	u8 bw40_base[5];
	struct rtw_2g_1s_pwr_idx_diff ht_1s_diff;
	struct rtw_2g_ns_pwr_idx_diff ht_2s_diff;
	struct rtw_2g_ns_pwr_idx_diff ht_3s_diff;
	struct rtw_2g_ns_pwr_idx_diff ht_4s_diff;
};

The problem arises because the value of group is 5 for channel 14. The trivial
increase in the dimension of bw40_base fails as this struct must match the layout of
efuse. The fix is to add the rate as an argument to rtw_get_channel_group() and set
the group for channel 14 to 4 if rate <= DESC_RATE11M.

This patch fixes commit fa6dfe6bff24 ("rtw88: resolve order of tx power setting routines")

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-47065
https://www.cve.org/CVERecord?id=CVE-2021-47065
https://git.kernel.org/stable/c/2ff25985ea9ccc6c9af2c77b0b49045adcc62e0e
https://git.kernel.org/stable/c/5f3dbced8eaa5c9ed7d6943f3fea99f235a6516a
https://git.kernel.org/stable/c/6b5aa0cf321c25f41e09a61c83ee4dc7ab9549cb
https://git.kernel.org/stable/c/95fb153c6027924cda3422120169d1890737f3a0
https://git.kernel.org/stable/c/9cd09722e18a08b6a3d68b8bccfac39ddc22434c
https://bugzilla.redhat.com/show_bug.cgi?id=2267165
Comment 1 Carlos López 2024-03-01 10:09:11 UTC 
Already fixed in cve/linux-5.3 and newer. Older branches not affected. Closing.
Comment 9 Maintenance Automation 2024-04-26 16:30:13 UTC 
SUSE-SU-2024:1454-1: An update that solves 114 vulnerabilities, contains one feature and has four security fixes can now be installed.

Category: security (important)
Bug References: 1186060, 1192145, 1194516, 1208995, 1209635, 1209657, 1212514, 1213456, 1217987, 1217988, 1217989, 1218336, 1218447, 1218479, 1218562, 1219170, 1219264, 1220320, 1220340, 1220366, 1220411, 1220413, 1220442, 1220445, 1220468, 1220484, 1220521, 1220528, 1220529, 1220532, 1220536, 1220554, 1220556, 1220560, 1220561, 1220566, 1220575, 1220580, 1220583, 1220611, 1220615, 1220625, 1220631, 1220638, 1220640, 1220641, 1220662, 1220669, 1220687, 1220692, 1220697, 1220703, 1220706, 1220739, 1220743, 1220745, 1220749, 1220751, 1220764, 1220768, 1220769, 1220777, 1220779, 1220785, 1220790, 1220794, 1220826, 1220829, 1220836, 1220846, 1220850, 1220861, 1220871, 1220883, 1220946, 1220969, 1221044, 1221058, 1221061, 1221077, 1221088, 1221293, 1221532, 1221534, 1221541, 1221548, 1221575, 1221605, 1221606, 1221608, 1221830, 1221934, 1221935, 1221949, 1221952, 1221965, 1221966, 1221969, 1221989, 1221991, 1221992, 1221993, 1221994, 1221997, 1221998, 1221999, 1222000, 1222001, 1222002, 1222004, 1222117, 1222422, 1222585, 1222619, 1222660, 1222664, 1222669, 1222706
CVE References: CVE-2020-36780, CVE-2020-36782, CVE-2020-36783, CVE-2021-23134, CVE-2021-46909, CVE-2021-46921, CVE-2021-46930, CVE-2021-46938, CVE-2021-46939, CVE-2021-46943, CVE-2021-46944, CVE-2021-46950, CVE-2021-46951, CVE-2021-46958, CVE-2021-46960, CVE-2021-46961, CVE-2021-46962, CVE-2021-46963, CVE-2021-46971, CVE-2021-46981, CVE-2021-46984, CVE-2021-46988, CVE-2021-46990, CVE-2021-46991, CVE-2021-46992, CVE-2021-46998, CVE-2021-47000, CVE-2021-47006, CVE-2021-47013, CVE-2021-47015, CVE-2021-47020, CVE-2021-47034, CVE-2021-47045, CVE-2021-47049, CVE-2021-47051, CVE-2021-47055, CVE-2021-47056, CVE-2021-47058, CVE-2021-47061, CVE-2021-47063, CVE-2021-47065, CVE-2021-47068, CVE-2021-47069, CVE-2021-47070, CVE-2021-47071, CVE-2021-47073, CVE-2021-47077, CVE-2021-47082, CVE-2021-47109, CVE-2021-47110, CVE-2021-47112, CVE-2021-47114, CVE-2021-47117, CVE-2021-47118, CVE-2021-47119, CVE-2021-47120, CVE-2021-47138, CVE-2021-47139, CVE-2021-47141, CVE-2021-47142, CVE-2021-47144, CVE-2021-47153, CVE-2021-47161, CVE-2021-47165, CVE-2021-47166, CVE-2021-47167, CVE-2021-47168, CVE-2021-47169, CVE-2021-47170, CVE-2021-47171, CVE-2021-47172, CVE-2021-47173, CVE-2021-47177, CVE-2021-47179, CVE-2021-47180, CVE-2021-47181, CVE-2021-47183, CVE-2021-47185, CVE-2021-47189, CVE-2022-0487, CVE-2022-4744, CVE-2022-48626, CVE-2023-0160, CVE-2023-1192, CVE-2023-28746, CVE-2023-35827, CVE-2023-52454, CVE-2023-52469, CVE-2023-52470, CVE-2023-52474, CVE-2023-52476, CVE-2023-52477, CVE-2023-52500, CVE-2023-52509, CVE-2023-52572, CVE-2023-52575, CVE-2023-52583, CVE-2023-52590, CVE-2023-52591, CVE-2023-52607, CVE-2023-52628, CVE-2023-6270, CVE-2023-6356, CVE-2023-6531, CVE-2023-6535, CVE-2023-6536, CVE-2023-7042, CVE-2023-7192, CVE-2024-22099, CVE-2024-26600, CVE-2024-26614, CVE-2024-26642, CVE-2024-26704, CVE-2024-26733
Jira References: PED-5759
Maintenance Incident: [SUSE:Maintenance:33232](https://smelt.suse.de/incident/33232/)
Sources used:
SUSE Linux Enterprise Live Patching 15-SP2 (src):
 kernel-livepatch-SLE15-SP2_Update_47-1-150200.5.3.3
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src):
 kernel-syms-5.3.18-150200.24.188.1, kernel-source-5.3.18-150200.24.188.1, kernel-default-base-5.3.18-150200.24.188.1.150200.9.95.3, kernel-obs-build-5.3.18-150200.24.188.1
SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src):
 kernel-syms-5.3.18-150200.24.188.1, kernel-source-5.3.18-150200.24.188.1, kernel-default-base-5.3.18-150200.24.188.1.150200.9.95.3, kernel-obs-build-5.3.18-150200.24.188.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src):
 kernel-syms-5.3.18-150200.24.188.1, kernel-source-5.3.18-150200.24.188.1, kernel-default-base-5.3.18-150200.24.188.1.150200.9.95.3, kernel-obs-build-5.3.18-150200.24.188.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 10 Maintenance Automation 2024-04-29 16:30:49 UTC 
SUSE-SU-2024:1465-1: An update that solves 145 vulnerabilities, contains five features and has five security fixes can now be installed.

Category: security (important)
Bug References: 1192145, 1209657, 1218336, 1218447, 1218479, 1218562, 1219170, 1219264, 1220320, 1220340, 1220366, 1220400, 1220411, 1220413, 1220414, 1220425, 1220426, 1220429, 1220432, 1220442, 1220445, 1220465, 1220468, 1220475, 1220484, 1220486, 1220487, 1220516, 1220521, 1220528, 1220529, 1220532, 1220536, 1220554, 1220556, 1220557, 1220560, 1220561, 1220566, 1220575, 1220580, 1220583, 1220611, 1220615, 1220621, 1220625, 1220630, 1220631, 1220638, 1220639, 1220640, 1220662, 1220663, 1220669, 1220670, 1220677, 1220678, 1220685, 1220687, 1220688, 1220692, 1220697, 1220703, 1220706, 1220733, 1220734, 1220739, 1220743, 1220749, 1220751, 1220753, 1220758, 1220759, 1220764, 1220768, 1220769, 1220777, 1220779, 1220785, 1220790, 1220794, 1220824, 1220829, 1220836, 1220846, 1220850, 1220861, 1220871, 1220883, 1220946, 1220954, 1220969, 1220979, 1220982, 1220985, 1220987, 1221015, 1221044, 1221058, 1221061, 1221077, 1221088, 1221276, 1221293, 1221532, 1221534, 1221541, 1221548, 1221552, 1221575, 1221605, 1221606, 1221608, 1221830, 1221931, 1221932, 1221934, 1221935, 1221949, 1221952, 1221965, 1221966, 1221969, 1221973, 1221974, 1221978, 1221989, 1221990, 1221991, 1221992, 1221993, 1221994, 1221996, 1221997, 1221998, 1221999, 1222000, 1222001, 1222002, 1222003, 1222004, 1222117, 1222422, 1222585, 1222619, 1222660, 1222664, 1222669, 1222706, 1222878
CVE References: CVE-2020-36780, CVE-2020-36781, CVE-2020-36782, CVE-2020-36783, CVE-2021-46908, CVE-2021-46909, CVE-2021-46911, CVE-2021-46914, CVE-2021-46917, CVE-2021-46918, CVE-2021-46919, CVE-2021-46920, CVE-2021-46921, CVE-2021-46922, CVE-2021-46930, CVE-2021-46931, CVE-2021-46933, CVE-2021-46938, CVE-2021-46939, CVE-2021-46943, CVE-2021-46944, CVE-2021-46950, CVE-2021-46951, CVE-2021-46956, CVE-2021-46958, CVE-2021-46959, CVE-2021-46960, CVE-2021-46961, CVE-2021-46962, CVE-2021-46963, CVE-2021-46971, CVE-2021-46976, CVE-2021-46980, CVE-2021-46981, CVE-2021-46983, CVE-2021-46984, CVE-2021-46988, CVE-2021-46990, CVE-2021-46991, CVE-2021-46992, CVE-2021-46998, CVE-2021-47000, CVE-2021-47001, CVE-2021-47003, CVE-2021-47006, CVE-2021-47009, CVE-2021-47014, CVE-2021-47015, CVE-2021-47017, CVE-2021-47020, CVE-2021-47026, CVE-2021-47034, CVE-2021-47035, CVE-2021-47038, CVE-2021-47044, CVE-2021-47045, CVE-2021-47046, CVE-2021-47049, CVE-2021-47051, CVE-2021-47055, CVE-2021-47056, CVE-2021-47058, CVE-2021-47063, CVE-2021-47065, CVE-2021-47068, CVE-2021-47070, CVE-2021-47071, CVE-2021-47073, CVE-2021-47077, CVE-2021-47082, CVE-2021-47087, CVE-2021-47095, CVE-2021-47097, CVE-2021-47100, CVE-2021-47101, CVE-2021-47109, CVE-2021-47110, CVE-2021-47112, CVE-2021-47114, CVE-2021-47117, CVE-2021-47118, CVE-2021-47119, CVE-2021-47120, CVE-2021-47130, CVE-2021-47136, CVE-2021-47137, CVE-2021-47138, CVE-2021-47139, CVE-2021-47141, CVE-2021-47142, CVE-2021-47144, CVE-2021-47150, CVE-2021-47153, CVE-2021-47160, CVE-2021-47161, CVE-2021-47164, CVE-2021-47165, CVE-2021-47166, CVE-2021-47167, CVE-2021-47168, CVE-2021-47169, CVE-2021-47170, CVE-2021-47171, CVE-2021-47172, CVE-2021-47173, CVE-2021-47174, CVE-2021-47175, CVE-2021-47176, CVE-2021-47177, CVE-2021-47179, CVE-2021-47180, CVE-2021-47181, CVE-2021-47183, CVE-2021-47185, CVE-2021-47189, CVE-2021-47202, CVE-2022-48626, CVE-2023-0160, CVE-2023-52454, CVE-2023-52469, CVE-2023-52470, CVE-2023-52474, CVE-2023-52476, CVE-2023-52477, CVE-2023-52492, CVE-2023-52500, CVE-2023-52508, CVE-2023-52509, CVE-2023-52572, CVE-2023-52575, CVE-2023-52583, CVE-2023-52590, CVE-2023-52591, CVE-2023-52607, CVE-2023-52628, CVE-2023-6270, CVE-2023-6531, CVE-2023-7042, CVE-2023-7192, CVE-2024-22099, CVE-2024-26600, CVE-2024-26614, CVE-2024-26642, CVE-2024-26704, CVE-2024-26733
Jira References: PED-5759, SLE-13706, SLE-15131, SLE-15172, SLE-15176
Maintenance Incident: [SUSE:Maintenance:33363](https://smelt.suse.de/incident/33363/)
Sources used:
SUSE Linux Enterprise Micro 5.1 (src):
 kernel-source-rt-5.3.18-150300.166.1
SUSE Linux Enterprise Micro 5.2 (src):
 kernel-source-rt-5.3.18-150300.166.1
SUSE Linux Enterprise Micro for Rancher 5.2 (src):
 kernel-source-rt-5.3.18-150300.166.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 11 Maintenance Automation 2024-05-03 08:31:11 UTC 
SUSE-SU-2024:1489-1: An update that solves 157 vulnerabilities, contains five features and has four security fixes can now be installed.

Category: security (important)
Bug References: 1184942, 1186060, 1192145, 1194516, 1208995, 1209635, 1209657, 1212514, 1213456, 1217987, 1217988, 1217989, 1218336, 1218447, 1218479, 1218562, 1219170, 1219264, 1220320, 1220340, 1220366, 1220400, 1220411, 1220413, 1220414, 1220425, 1220426, 1220429, 1220432, 1220442, 1220445, 1220465, 1220468, 1220475, 1220484, 1220486, 1220487, 1220516, 1220521, 1220528, 1220529, 1220532, 1220554, 1220556, 1220557, 1220560, 1220561, 1220566, 1220575, 1220580, 1220583, 1220611, 1220615, 1220621, 1220625, 1220630, 1220631, 1220638, 1220639, 1220640, 1220641, 1220662, 1220663, 1220669, 1220670, 1220677, 1220678, 1220685, 1220687, 1220688, 1220692, 1220697, 1220703, 1220706, 1220733, 1220734, 1220739, 1220743, 1220745, 1220749, 1220751, 1220753, 1220758, 1220759, 1220764, 1220768, 1220769, 1220777, 1220779, 1220785, 1220790, 1220794, 1220824, 1220826, 1220829, 1220836, 1220846, 1220850, 1220861, 1220871, 1220883, 1220946, 1220954, 1220969, 1220979, 1220982, 1220985, 1220987, 1221015, 1221044, 1221058, 1221061, 1221077, 1221088, 1221276, 1221293, 1221532, 1221534, 1221541, 1221548, 1221552, 1221575, 1221605, 1221606, 1221608, 1221830, 1221931, 1221932, 1221934, 1221935, 1221949, 1221952, 1221965, 1221966, 1221969, 1221973, 1221974, 1221978, 1221989, 1221990, 1221991, 1221992, 1221993, 1221994, 1221996, 1221997, 1221998, 1221999, 1222000, 1222001, 1222002, 1222003, 1222004, 1222117, 1222422, 1222585, 1222619, 1222660, 1222664, 1222669, 1222706
CVE References: CVE-2020-36780, CVE-2020-36781, CVE-2020-36782, CVE-2020-36783, CVE-2021-23134, CVE-2021-29155, CVE-2021-46908, CVE-2021-46909, CVE-2021-46911, CVE-2021-46914, CVE-2021-46917, CVE-2021-46918, CVE-2021-46919, CVE-2021-46920, CVE-2021-46921, CVE-2021-46922, CVE-2021-46930, CVE-2021-46931, CVE-2021-46933, CVE-2021-46938, CVE-2021-46939, CVE-2021-46943, CVE-2021-46944, CVE-2021-46950, CVE-2021-46951, CVE-2021-46956, CVE-2021-46958, CVE-2021-46959, CVE-2021-46960, CVE-2021-46961, CVE-2021-46962, CVE-2021-46963, CVE-2021-46971, CVE-2021-46976, CVE-2021-46980, CVE-2021-46981, CVE-2021-46983, CVE-2021-46984, CVE-2021-46988, CVE-2021-46990, CVE-2021-46991, CVE-2021-46992, CVE-2021-46998, CVE-2021-47000, CVE-2021-47001, CVE-2021-47003, CVE-2021-47006, CVE-2021-47009, CVE-2021-47013, CVE-2021-47014, CVE-2021-47015, CVE-2021-47017, CVE-2021-47020, CVE-2021-47026, CVE-2021-47034, CVE-2021-47035, CVE-2021-47038, CVE-2021-47044, CVE-2021-47045, CVE-2021-47046, CVE-2021-47049, CVE-2021-47051, CVE-2021-47055, CVE-2021-47056, CVE-2021-47058, CVE-2021-47061, CVE-2021-47063, CVE-2021-47065, CVE-2021-47068, CVE-2021-47069, CVE-2021-47070, CVE-2021-47071, CVE-2021-47073, CVE-2021-47077, CVE-2021-47082, CVE-2021-47087, CVE-2021-47095, CVE-2021-47097, CVE-2021-47100, CVE-2021-47101, CVE-2021-47109, CVE-2021-47110, CVE-2021-47112, CVE-2021-47114, CVE-2021-47117, CVE-2021-47118, CVE-2021-47119, CVE-2021-47120, CVE-2021-47130, CVE-2021-47136, CVE-2021-47137, CVE-2021-47138, CVE-2021-47139, CVE-2021-47141, CVE-2021-47142, CVE-2021-47144, CVE-2021-47150, CVE-2021-47153, CVE-2021-47160, CVE-2021-47161, CVE-2021-47164, CVE-2021-47165, CVE-2021-47166, CVE-2021-47167, CVE-2021-47168, CVE-2021-47169, CVE-2021-47170, CVE-2021-47171, CVE-2021-47172, CVE-2021-47173, CVE-2021-47174, CVE-2021-47175, CVE-2021-47176, CVE-2021-47177, CVE-2021-47179, CVE-2021-47180, CVE-2021-47181, CVE-2021-47183, CVE-2021-47185, CVE-2021-47189, CVE-2022-0487, CVE-2022-4744, CVE-2022-48626, CVE-2023-0160, CVE-2023-1192, CVE-2023-28746, CVE-2023-35827, CVE-2023-52454, CVE-2023-52469, CVE-2023-52470, CVE-2023-52474, CVE-2023-52476, CVE-2023-52477, CVE-2023-52492, CVE-2023-52500, CVE-2023-52508, CVE-2023-52509, CVE-2023-52572, CVE-2023-52575, CVE-2023-52583, CVE-2023-52590, CVE-2023-52591, CVE-2023-52607, CVE-2023-52628, CVE-2023-6270, CVE-2023-6356, CVE-2023-6531, CVE-2023-6535, CVE-2023-6536, CVE-2023-7042, CVE-2023-7192, CVE-2024-22099, CVE-2024-26600, CVE-2024-26614, CVE-2024-26642, CVE-2024-26704, CVE-2024-26733
Jira References: PED-5759, SLE-13706, SLE-15131, SLE-15172, SLE-15176
Maintenance Incident: [SUSE:Maintenance:33221](https://smelt.suse.de/incident/33221/)
Sources used:
SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src):
 kernel-syms-5.3.18-150300.59.158.1, kernel-obs-build-5.3.18-150300.59.158.1, kernel-source-5.3.18-150300.59.158.1, kernel-default-base-5.3.18-150300.59.158.1.150300.18.92.5
SUSE Enterprise Storage 7.1 (src):
 kernel-syms-5.3.18-150300.59.158.1, kernel-obs-build-5.3.18-150300.59.158.1, kernel-source-5.3.18-150300.59.158.1, kernel-default-base-5.3.18-150300.59.158.1.150300.18.92.5
SUSE Linux Enterprise Micro 5.1 (src):
 kernel-default-base-5.3.18-150300.59.158.1.150300.18.92.5
SUSE Linux Enterprise Micro 5.2 (src):
 kernel-default-base-5.3.18-150300.59.158.1.150300.18.92.5
SUSE Linux Enterprise Micro for Rancher 5.2 (src):
 kernel-default-base-5.3.18-150300.59.158.1.150300.18.92.5
openSUSE Leap 15.3 (src):
 kernel-syms-5.3.18-150300.59.158.1, kernel-livepatch-SLE15-SP3_Update_43-1-150300.7.3.5, kernel-obs-build-5.3.18-150300.59.158.1, kernel-default-base-5.3.18-150300.59.158.1.150300.18.92.5, kernel-source-5.3.18-150300.59.158.1, kernel-obs-qa-5.3.18-150300.59.158.1
SUSE Linux Enterprise Live Patching 15-SP3 (src):
 kernel-livepatch-SLE15-SP3_Update_43-1-150300.7.3.5
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src):
 kernel-syms-5.3.18-150300.59.158.1, kernel-obs-build-5.3.18-150300.59.158.1, kernel-source-5.3.18-150300.59.158.1, kernel-default-base-5.3.18-150300.59.158.1.150300.18.92.5
SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src):
 kernel-syms-5.3.18-150300.59.158.1, kernel-obs-build-5.3.18-150300.59.158.1, kernel-source-5.3.18-150300.59.158.1, kernel-default-base-5.3.18-150300.59.158.1.150300.18.92.5

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 12 Maintenance Automation 2024-05-03 08:37:39 UTC 
SUSE-SU-2024:1489-1: An update that solves 157 vulnerabilities, contains five features and has four security fixes can now be installed.

Category: security (important)
Bug References: 1184942, 1186060, 1192145, 1194516, 1208995, 1209635, 1209657, 1212514, 1213456, 1217987, 1217988, 1217989, 1218336, 1218447, 1218479, 1218562, 1219170, 1219264, 1220320, 1220340, 1220366, 1220400, 1220411, 1220413, 1220414, 1220425, 1220426, 1220429, 1220432, 1220442, 1220445, 1220465, 1220468, 1220475, 1220484, 1220486, 1220487, 1220516, 1220521, 1220528, 1220529, 1220532, 1220554, 1220556, 1220557, 1220560, 1220561, 1220566, 1220575, 1220580, 1220583, 1220611, 1220615, 1220621, 1220625, 1220630, 1220631, 1220638, 1220639, 1220640, 1220641, 1220662, 1220663, 1220669, 1220670, 1220677, 1220678, 1220685, 1220687, 1220688, 1220692, 1220697, 1220703, 1220706, 1220733, 1220734, 1220739, 1220743, 1220745, 1220749, 1220751, 1220753, 1220758, 1220759, 1220764, 1220768, 1220769, 1220777, 1220779, 1220785, 1220790, 1220794, 1220824, 1220826, 1220829, 1220836, 1220846, 1220850, 1220861, 1220871, 1220883, 1220946, 1220954, 1220969, 1220979, 1220982, 1220985, 1220987, 1221015, 1221044, 1221058, 1221061, 1221077, 1221088, 1221276, 1221293, 1221532, 1221534, 1221541, 1221548, 1221552, 1221575, 1221605, 1221606, 1221608, 1221830, 1221931, 1221932, 1221934, 1221935, 1221949, 1221952, 1221965, 1221966, 1221969, 1221973, 1221974, 1221978, 1221989, 1221990, 1221991, 1221992, 1221993, 1221994, 1221996, 1221997, 1221998, 1221999, 1222000, 1222001, 1222002, 1222003, 1222004, 1222117, 1222422, 1222585, 1222619, 1222660, 1222664, 1222669, 1222706
CVE References: CVE-2020-36780, CVE-2020-36781, CVE-2020-36782, CVE-2020-36783, CVE-2021-23134, CVE-2021-29155, CVE-2021-46908, CVE-2021-46909, CVE-2021-46911, CVE-2021-46914, CVE-2021-46917, CVE-2021-46918, CVE-2021-46919, CVE-2021-46920, CVE-2021-46921, CVE-2021-46922, CVE-2021-46930, CVE-2021-46931, CVE-2021-46933, CVE-2021-46938, CVE-2021-46939, CVE-2021-46943, CVE-2021-46944, CVE-2021-46950, CVE-2021-46951, CVE-2021-46956, CVE-2021-46958, CVE-2021-46959, CVE-2021-46960, CVE-2021-46961, CVE-2021-46962, CVE-2021-46963, CVE-2021-46971, CVE-2021-46976, CVE-2021-46980, CVE-2021-46981, CVE-2021-46983, CVE-2021-46984, CVE-2021-46988, CVE-2021-46990, CVE-2021-46991, CVE-2021-46992, CVE-2021-46998, CVE-2021-47000, CVE-2021-47001, CVE-2021-47003, CVE-2021-47006, CVE-2021-47009, CVE-2021-47013, CVE-2021-47014, CVE-2021-47015, CVE-2021-47017, CVE-2021-47020, CVE-2021-47026, CVE-2021-47034, CVE-2021-47035, CVE-2021-47038, CVE-2021-47044, CVE-2021-47045, CVE-2021-47046, CVE-2021-47049, CVE-2021-47051, CVE-2021-47055, CVE-2021-47056, CVE-2021-47058, CVE-2021-47061, CVE-2021-47063, CVE-2021-47065, CVE-2021-47068, CVE-2021-47069, CVE-2021-47070, CVE-2021-47071, CVE-2021-47073, CVE-2021-47077, CVE-2021-47082, CVE-2021-47087, CVE-2021-47095, CVE-2021-47097, CVE-2021-47100, CVE-2021-47101, CVE-2021-47109, CVE-2021-47110, CVE-2021-47112, CVE-2021-47114, CVE-2021-47117, CVE-2021-47118, CVE-2021-47119, CVE-2021-47120, CVE-2021-47130, CVE-2021-47136, CVE-2021-47137, CVE-2021-47138, CVE-2021-47139, CVE-2021-47141, CVE-2021-47142, CVE-2021-47144, CVE-2021-47150, CVE-2021-47153, CVE-2021-47160, CVE-2021-47161, CVE-2021-47164, CVE-2021-47165, CVE-2021-47166, CVE-2021-47167, CVE-2021-47168, CVE-2021-47169, CVE-2021-47170, CVE-2021-47171, CVE-2021-47172, CVE-2021-47173, CVE-2021-47174, CVE-2021-47175, CVE-2021-47176, CVE-2021-47177, CVE-2021-47179, CVE-2021-47180, CVE-2021-47181, CVE-2021-47183, CVE-2021-47185, CVE-2021-47189, CVE-2022-0487, CVE-2022-4744, CVE-2022-48626, CVE-2023-0160, CVE-2023-1192, CVE-2023-28746, CVE-2023-35827, CVE-2023-52454, CVE-2023-52469, CVE-2023-52470, CVE-2023-52474, CVE-2023-52476, CVE-2023-52477, CVE-2023-52492, CVE-2023-52500, CVE-2023-52508, CVE-2023-52509, CVE-2023-52572, CVE-2023-52575, CVE-2023-52583, CVE-2023-52590, CVE-2023-52591, CVE-2023-52607, CVE-2023-52628, CVE-2023-6270, CVE-2023-6356, CVE-2023-6531, CVE-2023-6535, CVE-2023-6536, CVE-2023-7042, CVE-2023-7192, CVE-2024-22099, CVE-2024-26600, CVE-2024-26614, CVE-2024-26642, CVE-2024-26704, CVE-2024-26733
Jira References: PED-5759, SLE-13706, SLE-15131, SLE-15172, SLE-15176
Maintenance Incident: [SUSE:Maintenance:33221](https://smelt.suse.de/incident/33221/)
Sources used:
SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src):
 kernel-syms-5.3.18-150300.59.158.1, kernel-obs-build-5.3.18-150300.59.158.1, kernel-source-5.3.18-150300.59.158.1, kernel-default-base-5.3.18-150300.59.158.1.150300.18.92.5
SUSE Enterprise Storage 7.1 (src):
 kernel-syms-5.3.18-150300.59.158.1, kernel-obs-build-5.3.18-150300.59.158.1, kernel-source-5.3.18-150300.59.158.1, kernel-default-base-5.3.18-150300.59.158.1.150300.18.92.5
SUSE Linux Enterprise Micro 5.1 (src):
 kernel-default-base-5.3.18-150300.59.158.1.150300.18.92.5
SUSE Linux Enterprise Micro 5.2 (src):
 kernel-default-base-5.3.18-150300.59.158.1.150300.18.92.5
SUSE Linux Enterprise Micro for Rancher 5.2 (src):
 kernel-default-base-5.3.18-150300.59.158.1.150300.18.92.5
openSUSE Leap 15.3 (src):
 kernel-syms-5.3.18-150300.59.158.1, kernel-livepatch-SLE15-SP3_Update_43-1-150300.7.3.5, kernel-obs-build-5.3.18-150300.59.158.1, kernel-default-base-5.3.18-150300.59.158.1.150300.18.92.5, kernel-source-5.3.18-150300.59.158.1, kernel-obs-qa-5.3.18-150300.59.158.1
SUSE Linux Enterprise Live Patching 15-SP3 (src):
 kernel-livepatch-SLE15-SP3_Update_43-1-150300.7.3.5
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src):
 kernel-syms-5.3.18-150300.59.158.1, kernel-obs-build-5.3.18-150300.59.158.1, kernel-source-5.3.18-150300.59.158.1, kernel-default-base-5.3.18-150300.59.158.1.150300.18.92.5
SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src):
 kernel-syms-5.3.18-150300.59.158.1, kernel-obs-build-5.3.18-150300.59.158.1, kernel-source-5.3.18-150300.59.158.1, kernel-default-base-5.3.18-150300.59.158.1.150300.18.92.5

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.