SUSE-SU-2023:0852-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2023/suse-su-20230852-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:0852-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2023:0852-1
Related
Published
2023-03-21T12:36:10Z
Modified
2025-05-02T04:31:53.903203Z
Upstream
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2022-4129: Fixed a denial of service with the Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing skuserdata can lead to a race condition and NULL pointer dereference. (bsc#1205711)
  • CVE-2021-4203: Fixed use-after-free read flaw that was found in sockgetsockopt() in net/core/sock.c due to SOPEERCRED and SO_PEERGROUPS race with listen() (bsc#1194535).
  • CVE-2023-23559: Fixed integer overflow in rndis_wlan that leads to a buffer overflow (bsc#1207051).
  • CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208700).
  • CVE-2022-38096: Fixed NULL-ptr deref in vmwcmddxdefinequery() (bsc#1203331).
  • CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver (bsc#1203332).
  • CVE-2023-0045: Fixed missing Flush IBP in ibprctlset (bsc#1207773).
  • CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).
  • CVE-2022-2991: Fixed an heap-based overflow in the lightnvm implemenation (bsc#1201420).

The following non-security bugs were fixed:

  • kabi/severities: add l2tp local symbols
References

Affected packages

SUSE:OpenStack Cloud 9 / kernel-default

Package

Name
kernel-default
Purl
pkg:rpm/suse/kernel-default&distro=SUSE%20OpenStack%20Cloud%209

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-95.120.4

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-macros": "4.12.14-95.120.4",
            "kernel-devel": "4.12.14-95.120.4",
            "kernel-default-base": "4.12.14-95.120.4",
            "kernel-default": "4.12.14-95.120.4",
            "kernel-source": "4.12.14-95.120.4",
            "kernel-syms": "4.12.14-95.120.4",
            "kernel-default-devel": "4.12.14-95.120.4"
        }
    ]
}

SUSE:OpenStack Cloud 9 / kernel-source

Package

Name
kernel-source
Purl
pkg:rpm/suse/kernel-source&distro=SUSE%20OpenStack%20Cloud%209

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-95.120.4

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-macros": "4.12.14-95.120.4",
            "kernel-devel": "4.12.14-95.120.4",
            "kernel-default-base": "4.12.14-95.120.4",
            "kernel-default": "4.12.14-95.120.4",
            "kernel-source": "4.12.14-95.120.4",
            "kernel-syms": "4.12.14-95.120.4",
            "kernel-default-devel": "4.12.14-95.120.4"
        }
    ]
}

SUSE:OpenStack Cloud 9 / kernel-syms

Package

Name
kernel-syms
Purl
pkg:rpm/suse/kernel-syms&distro=SUSE%20OpenStack%20Cloud%209

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-95.120.4

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-macros": "4.12.14-95.120.4",
            "kernel-devel": "4.12.14-95.120.4",
            "kernel-default-base": "4.12.14-95.120.4",
            "kernel-default": "4.12.14-95.120.4",
            "kernel-source": "4.12.14-95.120.4",
            "kernel-syms": "4.12.14-95.120.4",
            "kernel-default-devel": "4.12.14-95.120.4"
        }
    ]
}

SUSE:OpenStack Cloud Crowbar 9 / kernel-default

Package

Name
kernel-default
Purl
pkg:rpm/suse/kernel-default&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-95.120.4

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-macros": "4.12.14-95.120.4",
            "kernel-devel": "4.12.14-95.120.4",
            "kernel-default-base": "4.12.14-95.120.4",
            "kernel-default": "4.12.14-95.120.4",
            "kernel-source": "4.12.14-95.120.4",
            "kernel-syms": "4.12.14-95.120.4",
            "kernel-default-devel": "4.12.14-95.120.4"
        }
    ]
}

SUSE:OpenStack Cloud Crowbar 9 / kernel-source

Package

Name
kernel-source
Purl
pkg:rpm/suse/kernel-source&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-95.120.4

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-macros": "4.12.14-95.120.4",
            "kernel-devel": "4.12.14-95.120.4",
            "kernel-default-base": "4.12.14-95.120.4",
            "kernel-default": "4.12.14-95.120.4",
            "kernel-source": "4.12.14-95.120.4",
            "kernel-syms": "4.12.14-95.120.4",
            "kernel-default-devel": "4.12.14-95.120.4"
        }
    ]
}

SUSE:OpenStack Cloud Crowbar 9 / kernel-syms

Package

Name
kernel-syms
Purl
pkg:rpm/suse/kernel-syms&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-95.120.4

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-macros": "4.12.14-95.120.4",
            "kernel-devel": "4.12.14-95.120.4",
            "kernel-default-base": "4.12.14-95.120.4",
            "kernel-default": "4.12.14-95.120.4",
            "kernel-source": "4.12.14-95.120.4",
            "kernel-syms": "4.12.14-95.120.4",
            "kernel-default-devel": "4.12.14-95.120.4"
        }
    ]
}

SUSE:Linux Enterprise High Availability Extension 12 SP4 / kernel-default

Package

Name
kernel-default
Purl
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-95.120.4

Ecosystem specific 

{
    "binaries": [
        {
            "dlm-kmp-default": "4.12.14-95.120.4",
            "gfs2-kmp-default": "4.12.14-95.120.4",
            "ocfs2-kmp-default": "4.12.14-95.120.4",
            "cluster-md-kmp-default": "4.12.14-95.120.4"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP4 / kernel-default

Package

Name
kernel-default
Purl
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-95.120.4

Ecosystem specific 

{
    "binaries": [
        {
            "kgraft-patch-4_12_14-95_120-default": "1-6.3.4",
            "kernel-default-kgraft": "4.12.14-95.120.4",
            "kernel-default-kgraft-devel": "4.12.14-95.120.4"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP4 / kgraft-patch-SLE12-SP4_Update_34

Package

Name
kgraft-patch-SLE12-SP4_Update_34
Purl
pkg:rpm/suse/kgraft-patch-SLE12-SP4_Update_34&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1-6.3.4

Ecosystem specific 

{
    "binaries": [
        {
            "kgraft-patch-4_12_14-95_120-default": "1-6.3.4",
            "kernel-default-kgraft": "4.12.14-95.120.4",
            "kernel-default-kgraft-devel": "4.12.14-95.120.4"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP4-ESPOS / kernel-default

Package

Name
kernel-default
Purl
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-ESPOS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-95.120.4

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-macros": "4.12.14-95.120.4",
            "kernel-devel": "4.12.14-95.120.4",
            "kernel-default-base": "4.12.14-95.120.4",
            "kernel-default": "4.12.14-95.120.4",
            "kernel-source": "4.12.14-95.120.4",
            "kernel-syms": "4.12.14-95.120.4",
            "kernel-default-devel": "4.12.14-95.120.4"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP4-ESPOS / kernel-source

Package

Name
kernel-source
Purl
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-ESPOS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-95.120.4

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-macros": "4.12.14-95.120.4",
            "kernel-devel": "4.12.14-95.120.4",
            "kernel-default-base": "4.12.14-95.120.4",
            "kernel-default": "4.12.14-95.120.4",
            "kernel-source": "4.12.14-95.120.4",
            "kernel-syms": "4.12.14-95.120.4",
            "kernel-default-devel": "4.12.14-95.120.4"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP4-ESPOS / kernel-syms

Package

Name
kernel-syms
Purl
pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-ESPOS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-95.120.4

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-macros": "4.12.14-95.120.4",
            "kernel-devel": "4.12.14-95.120.4",
            "kernel-default-base": "4.12.14-95.120.4",
            "kernel-default": "4.12.14-95.120.4",
            "kernel-source": "4.12.14-95.120.4",
            "kernel-syms": "4.12.14-95.120.4",
            "kernel-default-devel": "4.12.14-95.120.4"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP4-LTSS / kernel-default

Package

Name
kernel-default
Purl
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-95.120.4

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-macros": "4.12.14-95.120.4",
            "kernel-devel": "4.12.14-95.120.4",
            "kernel-default-base": "4.12.14-95.120.4",
            "kernel-default-man": "4.12.14-95.120.4",
            "kernel-default": "4.12.14-95.120.4",
            "kernel-source": "4.12.14-95.120.4",
            "kernel-syms": "4.12.14-95.120.4",
            "kernel-default-devel": "4.12.14-95.120.4"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP4-LTSS / kernel-source

Package

Name
kernel-source
Purl
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-95.120.4

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-macros": "4.12.14-95.120.4",
            "kernel-devel": "4.12.14-95.120.4",
            "kernel-default-base": "4.12.14-95.120.4",
            "kernel-default-man": "4.12.14-95.120.4",
            "kernel-default": "4.12.14-95.120.4",
            "kernel-source": "4.12.14-95.120.4",
            "kernel-syms": "4.12.14-95.120.4",
            "kernel-default-devel": "4.12.14-95.120.4"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP4-LTSS / kernel-syms

Package

Name
kernel-syms
Purl
pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-95.120.4

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-macros": "4.12.14-95.120.4",
            "kernel-devel": "4.12.14-95.120.4",
            "kernel-default-base": "4.12.14-95.120.4",
            "kernel-default-man": "4.12.14-95.120.4",
            "kernel-default": "4.12.14-95.120.4",
            "kernel-source": "4.12.14-95.120.4",
            "kernel-syms": "4.12.14-95.120.4",
            "kernel-default-devel": "4.12.14-95.120.4"
        }
    ]
}