SUSE-SU-2023:0762-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:0762-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2023:0762-1
Related
Published
2023-03-16T10:36:06Z
Modified
2023-03-16T10:36:06Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2022-38096: Fixed NULL-ptr deref in vmwcmddxdefinequery() (bsc#1203331).
  • CVE-2022-4129: Fixed a denial of service with the Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing skuserdata can lead to a race condition and NULL pointer dereference. (bsc#1205711)
  • CVE-2023-0597: Fixed lack of randomization of per-cpu entry area in x86/mm (bsc#1207845).
  • CVE-2023-1118: Fixed a use-after-free bugs caused by enetxirqsim() in media/rc (bsc#1208837).
  • CVE-2023-23559: Fixed integer overflow in rndis_wlan that leads to a buffer overflow (bsc#1207051).
  • CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208700).

The following non-security bugs were fixed:

  • bonding: fix 802.3ad state sent to partner when unbinding slave (git-fixes).
  • do not sign the vanilla kernel (bsc#1209008).
  • icmp: do not fail on fragment reassembly time exceeded (git-fixes).
  • ipmi: fix initialization when workqueue allocation fails (git-fixes).
  • ipmi: msghandler: Make symbol 'removeworkwq' static (git-fixes).
  • kabi fix for - SUNRPC: Fix priority queue fairness (git-fixes).
  • kabi fix for: NFS: Pass error information to the pgio error cleanup routine (git-fixes).
  • kabi/severities: add l2tp local symbols
  • kernel-module-subpackage: Fix expansion with -b parameter (bsc#1208179). When -b is specified the script is prefixed with KMPNEEDSMKINITRD=1 which sets the variable for a simple command. However, the script is no longer a simple command. Export the variable instead.
  • media: coda: Add check for dcodairamalloc (git-fixes).
  • media: coda: Add check for kmalloc (git-fixes).
  • media: platform: ti: Add missing check for devmregulatorget (git-fixes).
  • net: aquantia: fix RSS table and key sizes (git-fixes).
  • netfilter: ipvs: Fix inappropriate output of procfs (git-fixes).
  • netfilter: xt_connlimit: do not store address in the conn nodes (git-fixes).
  • nfs: Fix nfsi->nrequests count error on nfsinoderemove_request (git-fixes).
  • nfs: Pass error information to the pgio error cleanup routine (git-fixes).
  • nfsd: fix handling of readdir in v4root vs. mount upcall timeout (git-fixes).
  • nfsd: fix race to check ls_layouts (git-fixes).
  • nfsd: under NFSv4.1, fix double svcxprtput on rpc_create failure (git-fixes).
  • ocfs2: Fix data corruption after failed write (bsc#1208542).
  • pNFS/filelayout: Fix coalescing test for single DS (git-fixes).
  • powerpc/eeh: Fix use-after-release of EEH driver (bsc#1065729).
  • powerpc/fscr: Enable interrupts earlier before calling get_user() (bsc#1065729).
  • powerpc/powernv: Fix build error in opal-imc.c when NUMA=n (bsc#1065729).
  • powerpc/powernv: IMC fix out of bounds memory access at shutdown (bsc#1065729).
  • scsi: qla2xxx: Add option to disable FC2 Target support (bsc#1198438 bsc#1206103).
  • sunrpc: Fix priority queue fairness (git-fixes).
  • sunrpc: ensure the matching upcall is in-flight upon downcall (git-fixes).
  • vlan: Fix out of order vlan headers with reorder header off (git-fixes).
  • vlan: Fix vlan insertion for packets without ethernet header (git-fixes).
  • vxlan: Fix error path in _vxlandev_create() (git-fixes).
  • vxlan: changelink: Fix handling of default remotes (git-fixes).
  • xfrm: Copy policy family in clone_policy (git-fixes).
References

Affected packages

SUSE:Linux Enterprise Server 12 SP5 / kernel-azure

Package

Name
kernel-azure
Purl
purl:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-16.127.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.127.1",
            "kernel-azure-devel": "4.12.14-16.127.1",
            "kernel-devel-azure": "4.12.14-16.127.1",
            "kernel-syms-azure": "4.12.14-16.127.1",
            "kernel-azure-base": "4.12.14-16.127.1",
            "kernel-source-azure": "4.12.14-16.127.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP5 / kernel-source-azure

Package

Name
kernel-source-azure
Purl
purl:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-16.127.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.127.1",
            "kernel-azure-devel": "4.12.14-16.127.1",
            "kernel-devel-azure": "4.12.14-16.127.1",
            "kernel-syms-azure": "4.12.14-16.127.1",
            "kernel-azure-base": "4.12.14-16.127.1",
            "kernel-source-azure": "4.12.14-16.127.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP5 / kernel-syms-azure

Package

Name
kernel-syms-azure
Purl
purl:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-16.127.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.127.1",
            "kernel-azure-devel": "4.12.14-16.127.1",
            "kernel-devel-azure": "4.12.14-16.127.1",
            "kernel-syms-azure": "4.12.14-16.127.1",
            "kernel-azure-base": "4.12.14-16.127.1",
            "kernel-source-azure": "4.12.14-16.127.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / kernel-azure

Package

Name
kernel-azure
Purl
purl:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-16.127.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.127.1",
            "kernel-azure-devel": "4.12.14-16.127.1",
            "kernel-devel-azure": "4.12.14-16.127.1",
            "kernel-syms-azure": "4.12.14-16.127.1",
            "kernel-azure-base": "4.12.14-16.127.1",
            "kernel-source-azure": "4.12.14-16.127.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / kernel-source-azure

Package

Name
kernel-source-azure
Purl
purl:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-16.127.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.127.1",
            "kernel-azure-devel": "4.12.14-16.127.1",
            "kernel-devel-azure": "4.12.14-16.127.1",
            "kernel-syms-azure": "4.12.14-16.127.1",
            "kernel-azure-base": "4.12.14-16.127.1",
            "kernel-source-azure": "4.12.14-16.127.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / kernel-syms-azure

Package

Name
kernel-syms-azure
Purl
purl:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-16.127.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.127.1",
            "kernel-azure-devel": "4.12.14-16.127.1",
            "kernel-devel-azure": "4.12.14-16.127.1",
            "kernel-syms-azure": "4.12.14-16.127.1",
            "kernel-azure-base": "4.12.14-16.127.1",
            "kernel-source-azure": "4.12.14-16.127.1"
        }
    ]
}