SUSE-SU-2023:1801-1

Source
https://www.suse.com/support/update/announcement/2023/suse-su-20231801-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:1801-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2023:1801-1
Related
Published
2023-04-10T08:26:05Z
Modified
2023-04-10T08:26:05Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2017-5753: Fixed spectre V1 vulnerability on netlink (bsc#1209547).
  • CVE-2017-5753: Fixed spectre vulnerability in prlimit (bsc#1209256).
  • CVE-2021-3923: Fixed stack information leak vulnerability that could lead to kernel protection bypass in infiniband RDMA (bsc#1209778).
  • CVE-2022-20567: Fixed use after free that could lead to a local privilege escalation in pppol2tpcreate of l2tpppp.c (bsc#1208850).
  • CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).
  • CVE-2023-1076: Fixed incorrect UID assigned to tun/tap sockets (bsc#1208599).
  • CVE-2023-1095: Fixed a NULL pointer dereference in nf_tables due to zeroed list head (bsc#1208777).
  • CVE-2023-1281: Fixed use after free that could lead to privilege escalation in tcindex (bsc#1209634).
  • CVE-2023-1390: Fixed remote DoS vulnerability in tipclinkxmit() (bsc#1209289).
  • CVE-2023-1513: Fixed an uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak (bsc#1209532).
  • CVE-2023-23454: Fixed a type-confusion in the CBQ network scheduler (bsc#1207036).
  • CVE-2023-23455: Fixed a denial of service inside atmtcenqueue in net/sched/schatm.c because of type confusion (non-negative numbers can sometimes indicate a TCACT_SHOT condition rather than valid classification results) (bsc#1207125).
  • CVE-2023-28328: Fixed a denial of service issue in az6027 driver in drivers/media/usb/dev-usb/az6027.c (bsc#1209291).
  • CVE-2023-28464: Fixed user-after-free that could lead to privilege escalation in hciconncleanup in net/bluetooth/hci_conn.c (bsc#1209052).
  • CVE-2023-28772: Fixed buffer overflow in seqbufputmemhex in lib/seqbuf.c (bsc#1209549).

The following non-security bugs were fixed:

  • ARM: 8702/1: head-common.S: Clear lr before jumping to start_kernel() (git-fixes)
  • Bluetooth: btusb: Add VID:PID 13d3:3529 for Realtek RTL8821CE (git-fixes).
  • Bluetooth: btusb: do not call kfreeskb() under spinlock_irqsave() (git-fixes).
  • Input: atmelmxtts - fix double free in mxtreadinfo_block (git-fixes).
  • KVM: arm64: Hide system instruction access to Trace registers (git-fixes)
  • NFSv4: Fix hangs when recovering open state after a server reboot (git-fixes).
  • PCI/MSI: Enforce MSI entry updates to be visible (git-fixes).
  • PCI/MSI: Enforce that MSI-X table entry is masked for update (git-fixes).
  • PCI/MSI: Mask all unused MSI-X entries (git-fixes).
  • PCI/MSI: Skip masking MSI-X on Xen PV (git-fixes).
  • PCI/PM: Always return devices to D0 when thawing (git-fixes).
  • PCI/PM: Avoid using devicemaywakeup() for runtime PM (git-fixes).
  • PCI: Add ACS quirk for Intel Root Complex Integrated Endpoints (git-fixes).
  • PCI: Add ACS quirk for iProc PAXB (git-fixes).
  • PCI: Avoid FLR for AMD Matisse HD Audio & USB 3.0 (git-fixes).
  • PCI: Avoid FLR for AMD Starship USB 3.0 (git-fixes).
  • PCI: Make ACS quirk implementations more uniform (git-fixes).
  • PCI: PM: Avoid forcing PCI_D0 for wakeup reasons inconsistently (git-fixes).
  • PCI: PM: Avoid skipping bus-level PM on platforms without ACPI (git-fixes).
  • PCI: Unify ACS quirk desired vs provided checking (git-fixes).
  • PCI: Use pciupdatecurrentstate() in pcienabledeviceflags() (git-fixes).
  • PCI: aardvark: Do not blindly enable ASPM L0s and do not write to read-only register (git-fixes).
  • PCI: aardvark: Do not rely on jiffies while holding spinlock (git-fixes).
  • PCI: aardvark: Do not touch PCIe registers if no card connected (git-fixes).
  • PCI: aardvark: Fix a leaked reference by adding missing ofnodeput() (git-fixes).
  • PCI: aardvark: Fix checking for PIO Non-posted Request (git-fixes).
  • PCI: aardvark: Fix kernel panic during PIO transfer (git-fixes).
  • PCI: aardvark: Improve link training (git-fixes).
  • PCI: aardvark: Indicate error in 'val' when config read fails (git-fixes).
  • PCI: aardvark: Introduce an advkpcievalid_device() helper (git-fixes).
  • PCI: aardvark: Remove PCIe outbound window configuration (git-fixes).
  • PCI: aardvark: Train link immediately after enabling training (git-fixes).
  • PCI: aardvark: Wait for endpoint to be ready before training link (git-fixes).
  • PCI: endpoint: Cast the page number to physaddrt (git-fixes).
  • PCI: endpoint: Fix for concurrent memory allocation in OB address region (git-fixes).
  • PCI: hv: Add a per-bus mutex state_lock (bsc#1207001).
  • PCI: hv: Fix a race condition in hvirqunmask() that can cause panic (bsc#1207001).
  • PCI: hv: Remove the useless hvpcichildstate from struct hvpcidev (bsc#1207001).
  • PCI: hv: fix a race condition bug in hvpciquery_relations() (bsc#1207001).
  • PCI: qcom: Use PHYREFCLKUSE_PAD only for ipq8064 (git-fixes).
  • PCI: tegra: Fix OF node reference leak (git-fixes).
  • PCI: xgene-msi: Fix race in installing chained irq handler (git-fixes).
  • PM: hibernate: flush swap writer after marking (git-fixes).
  • README.BRANCH: Adding myself to the maintainer list
  • Revert 'PCI: hv: Fix a timing issue which causes kdump to fail occasionally' (bsc#1207001).
  • Revert 'arm64: dts: juno: add dma-ranges property' (git-fixes)
  • Revert 'mei: me: enable asynchronous probing' (bsc#1208048, bsc#1209126).
  • SUNRPC: Fix a server shutdown leak (git-fixes).
  • applicom: Fix PCI device refcount leak in applicom_init() (git-fixes).
  • arm64/alternatives: do not patch up internal branches (git-fixes)
  • arm64/alternatives: move length validation inside the subsection (git-fixes)
  • arm64/alternatives: use subsections for replacement sequences (git-fixes)
  • arm64/cpufeature: Fix field sign for DIT hwcap detection (git-fixes)
  • arm64/mm: fix variable 'pud' set but not used (git-fixes)
  • arm64/mm: return cpuallmask when node is NUMANONODE (git-fixes)
  • arm64/vdso: Discard .note.gnu.property sections in vDSO (git-fixes)
  • arm64: Discard .note.GNU-stack section (bsc#1203693 bsc#1209798).
  • arm64: Do not forget syscall when starting a new thread. (git-fixes)
  • arm64: Fix compiler warning from pte_unmap() with (git-fixes)
  • arm64: Mark _stackchkguard as _roafterinit (git-fixes)
  • arm64: Use testtskthreadflag() for checking TIFSINGLESTEP (git-fixes)
  • arm64: cmpxchg_double*: hazard against entire exchange variable (git-fixes)
  • arm64: cpuops: fix a leaked reference by adding missing ofnode_put (git-fixes)
  • arm64: fix oops in concurrently setting insn_emulation sysctls (git-fixes)
  • arm64: kaslr: Reserve size of ARM64MEMSTARTALIGN in linear region (git-fixes)
  • arm64: kprobe: make page to RO mode when allocate it (git-fixes)
  • arm64: kpti: ensure patched kernel text is fetched from PoU (git-fixes)
  • arm64: psci: Avoid printing in cpupscicpu_die() (git-fixes)
  • arm64: psci: Reduce the waiting time for cpupscicpu_kill() (git-fixes)
  • arm64: unwind: Prohibit probing on return_address() (git-fixes)
  • crypto: arm64 - Fix unused variable compilation warnings of (git-fixes)
  • dt-bindings: reset: meson8b: fix duplicate reset IDs (git-fixes).
  • ftrace: Fix invalid address access in lookup_rec() when index is 0 (git-fixes).
  • ima: Fix function name error in comment (git-fixes).
  • ipv4: route: fix inetrtmgetroute induced crash (git-fixes).
  • kabi: PCI: endpoint: Fix for concurrent memory allocation in OB address region (git-fixes).
  • kfifo: fix ternary sign extension bugs (git-fixes).
  • kgdb: Drop malformed kernel doc comment (git-fixes).
  • net: usb: lan78xx: Limit packet length to skb->len (git-fixes).
  • net: usb: qmi_wwan: Adding support for Cinterion MV31 (git-fixes).
  • net: usb: smsc75xx: Limit packet length to skb->len (git-fixes).
  • net: usb: smsc75xx: Move packet length check to prevent kernel panic in skb_pull (git-fixes).
  • net: usb: smsc95xx: Limit packet length to skb->len (git-fixes).
  • powerpc/btext: add missing ofnodeput (bsc#1065729).
  • powerpc/powernv/ioda: Skip unallocated resources when mapping to PE (bsc#1065729).
  • powerpc/pseries/lpar: add missing RTAS retry status handling (bsc#1109158 ltc#169177 git-fixes).
  • powerpc/pseries/lparcfg: add missing RTAS retry status handling (bsc#1065729).
  • powerpc/rtas: ensure 4KB alignment for rtasdatabuf (bsc#1065729).
  • powerpc/xics: fix refcount leak in icpopalinit() (bsc#1065729).
  • ppc64le: HWPOISON_INJECT=m (bsc#1209572).
  • ring-buffer: remove obsolete comment for freebufferpage() (git-fixes).
  • s390/vfio-ap: fix memory leak in vfio_ap device driver (git-fixes).
  • sbitmap: Avoid lockups when waker gets preempted (bsc#1209118).
  • scsi: lpfc: Return DIDTRANSPORTDISRUPTED instead of DID_REQUEUE (bsc#1199837).
  • scsi: qla2xxx: Synchronize the IOCB count to be in order (bsc#1209292 bsc#1209684 bsc#1209556).
  • timers/schedclock: Prevent generic schedclock wrap caused by tick_freeze() (git-fixes).
  • timers: Clear timerbase::mustforward_clk with (bsc#1207890)
  • tracing/hwlat: Replace schedsetaffinity with setcpusallowedptr (git-fixes).
  • tracing: Add NULL checks for buffer in ringbufferfreereadpage() (git-fixes).
  • usb: chipidea: fix deadlock in ciotgdel_timer (git-fixes).
  • usb: dwc3: exynos: Fix remove() function (git-fixes).
  • usb: dwc3: gadget: Stop processing more requests on IMI (git-fixes).
  • usb: misc: iowarrior: fix up header size for USBDEVICEIDCODEMERCSIOW100 (git-fixes).
  • usb: typec: altmodes/displayport: Fix probe pin assign check (git-fixes).
  • x86/PCI: Fix PCI IRQ routing table memory leak (git-fixes).
  • x86/apic: Add name to irq chip (bsc#1206010).
  • x86/apic: Deinline x2apic functions (bsc#1181001 jsc#ECO-3191).
  • x86/atomic: Fix smpmb{before,after}atomic() (git-fixes).
  • x86/build: Add 'set -e' to mkcapflags.sh to delete broken capflags.c (git-fixes).
  • x86/ia32: Fix ia32restoresigcontext() AC leak (git-fixes).
  • x86/ioapic: Force affinity setup before startup (bsc#1193231).
  • x86/irq/64: Limit IST stack overflow check to #DB stack (git-fixes).
  • x86/mm: Remove innmi() warning from 64-bit implementation of vmallocfault() (git-fixes).
  • x86/paravirt: Fix callee-saved function ELF sizes (git-fixes).
  • x86/power: Fix 'nosmt' vs hibernation triple fault during resume (git-fixes).
  • x86/stacktrace: Prevent infinite loop in archstackwalk_user() (git-fixes).
  • x86/uaccess, signal: Fix AC=1 bloat (git-fixes).
  • x86/x2apic: Mark setx2apicphysmode() as _init (bsc#1181001 jsc#ECO-3191).
  • x86/xen: Fix memory leak in xeninitlock_cpu() (git-fixes).
  • x86/xen: Fix memory leak in xensmpintrinit{pv}() (git-fixes).
  • xen-netfront: Fix NULL sring after live migration (git-fixes).
  • xen-netfront: Fix mismatched rtnl_unlock (git-fixes).
  • xen-netfront: Fix race between device setup and open (git-fixes).
  • xen-netfront: Update features after registering netdev (git-fixes).
  • xen-netfront: enable device after manual module load (git-fixes).
  • xen-netfront: fix potential deadlock in xennet_remove() (git-fixes).
  • xen-netfront: wait xenbus state change when load module manually (git-fixes).
  • xen/netfront: fix waiting for xenbus state change (git-fixes).
  • xen/netfront: stop tx queues during live migration (git-fixes).
  • xen/platform-pci: add missing free_irq() in error path (git-fixes).
References

Affected packages

SUSE:Linux Enterprise Server 12 SP5 / kernel-azure

Package

Name
kernel-azure
Purl
pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-16.130.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.130.1",
            "kernel-azure-devel": "4.12.14-16.130.1",
            "kernel-devel-azure": "4.12.14-16.130.1",
            "kernel-syms-azure": "4.12.14-16.130.1",
            "kernel-azure-base": "4.12.14-16.130.1",
            "kernel-source-azure": "4.12.14-16.130.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP5 / kernel-source-azure

Package

Name
kernel-source-azure
Purl
pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-16.130.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.130.1",
            "kernel-azure-devel": "4.12.14-16.130.1",
            "kernel-devel-azure": "4.12.14-16.130.1",
            "kernel-syms-azure": "4.12.14-16.130.1",
            "kernel-azure-base": "4.12.14-16.130.1",
            "kernel-source-azure": "4.12.14-16.130.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP5 / kernel-syms-azure

Package

Name
kernel-syms-azure
Purl
pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-16.130.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.130.1",
            "kernel-azure-devel": "4.12.14-16.130.1",
            "kernel-devel-azure": "4.12.14-16.130.1",
            "kernel-syms-azure": "4.12.14-16.130.1",
            "kernel-azure-base": "4.12.14-16.130.1",
            "kernel-source-azure": "4.12.14-16.130.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / kernel-azure

Package

Name
kernel-azure
Purl
pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-16.130.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.130.1",
            "kernel-azure-devel": "4.12.14-16.130.1",
            "kernel-devel-azure": "4.12.14-16.130.1",
            "kernel-syms-azure": "4.12.14-16.130.1",
            "kernel-azure-base": "4.12.14-16.130.1",
            "kernel-source-azure": "4.12.14-16.130.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / kernel-source-azure

Package

Name
kernel-source-azure
Purl
pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-16.130.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.130.1",
            "kernel-azure-devel": "4.12.14-16.130.1",
            "kernel-devel-azure": "4.12.14-16.130.1",
            "kernel-syms-azure": "4.12.14-16.130.1",
            "kernel-azure-base": "4.12.14-16.130.1",
            "kernel-source-azure": "4.12.14-16.130.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / kernel-syms-azure

Package

Name
kernel-syms-azure
Purl
pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-16.130.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.130.1",
            "kernel-azure-devel": "4.12.14-16.130.1",
            "kernel-devel-azure": "4.12.14-16.130.1",
            "kernel-syms-azure": "4.12.14-16.130.1",
            "kernel-azure-base": "4.12.14-16.130.1",
            "kernel-source-azure": "4.12.14-16.130.1"
        }
    ]
}