SUSE-SU-2023:3333-1

Source
https://www.suse.com/support/update/announcement/2023/suse-su-20233333-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:3333-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2023:3333-1
Published
2023-08-16T10:45:46Z
Modified
2025-05-02T04:29:45.869903Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bug fixes.

The following security bugs were fixed:

  • CVE-2023-3268: Fixed an out-of-bounds memory access flaw in relay_file_read_start_pos in relayfs (bsc#1212502).
  • CVE-2023-3776: Fixed an improper refcount update in cls_fw that leads to a use-after-free (bsc#1213588).
  • CVE-2022-40982: Fixed transient execution attack called 'Gather Data Sampling' (bsc#1206418).
  • CVE-2023-3567: Fixed a use-after-free in vcs_read in drivers/tty/vt/vc_screen.c (bsc#1213167).
  • CVE-2023-0459: Fixed information leak in __uaccess_begin_nospec (bsc#1211738).
  • CVE-2023-20593: Fixed a ZenBleed issue in 'Zen 2' CPUs that could allow an attacker to potentially access sensitive information (bsc#1213286).
  • CVE-2018-3639: Fixed Speculative Store Bypass aka 'Memory Disambiguation' (bsc#1087082).
  • CVE-2017-18344: Fixed an OOB access led by an invalid check in timer_create (bsc#1102851).
  • CVE-2022-45919: Fixed a use-after-free in dvb_ca_en50221.c that could occur if there is a disconnect after an open, because of the lack of a wait_event (bsc#1205803).
  • CVE-2023-35824: Fixed a use-after-free in dm1105_remove in drivers/media/pci/dm1105/dm1105.c (bsc#1212501).
  • CVE-2023-3161: Fixed shift-out-of-bounds in fbcon_set_font() (bsc#1212154).
  • CVE-2023-3141: Fixed a use-after-free flaw in r592_remove in drivers/memstick/host/r592.c, that allowed local attackers to crash the system at device disconnect (bsc#1212129).
  • CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback (bsc#1212128).

The following non-security bugs were fixed:

  • fbcon: Check font dimension limits (CVE-2023-3161 bsc#1212154).
  • firewire: fix potential uaf in outbound_phy_packet_callback() (CVE-2023-3159 bsc#1212128).
  • kABI: restore _copy_from_user on x86_64 and copy_to_user on x86 (bsc#1211738 CVE-2023-0459).
  • media: dm1105: Fix use after free bug in dm1105_remove due to race condition (bsc#1212501 CVE-2023-35824).
  • media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 (CVE-2022-45919 bsc#1205803).
  • memstick: r592: Fix UAF bug in r592_remove due to race condition (CVE-2023-3141 bsc#1212129 bsc#1211449).
  • net/sched: cls_fw: Fix improper refcount update leads to use-after-free (CVE-2023-3776 bsc#1213588).
  • pkt_sched: fix error return code in fw_change_attrs() (bsc#1213588).
  • posix-timer: Properly check sigevent->sigev_notify (CVE-2017-18344, bsc#1102851, bsc#1208715).
  • relayfs: fix out-of-bounds access in relay_file_read (bsc#1212502 CVE-2023-3268).
  • uaccess: Add speculation barrier to copy_from_user() (bsc#1211738 CVE-2023-0459).
  • vc_screen: don't clobber return value in vcs_read (bsc#1213167 CVE-2023-3567).
  • vc_screen: modify vcs_size() handling in vcs_read() (bsc#1213167 CVE-2023-3567).
  • vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF (bsc#1213167 CVE-2023-3567).
  • x86: Unify copy_from_user() size checking (bsc#1211738 CVE-2023-0459).
  • x86/copy_user: Unify the code by removing the 64-bit asm _copy_*_user() variants (bsc#1211738 CVE-2023-0459).
  • x86/cpu/amd: Add a Zenbleed fix (bsc#1213286, CVE-2023-20593).
  • x86/speculation: Add Gather Data Sampling mitigation (bsc#1206418, CVE-2022-40982).
Affected packages

SUSE:Linux Enterprise Server 11 SP4 LTSS EXTREME CORE / kernel-default

Package

Name
kernel-default
Purl
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4%20LTSS%20EXTREME%20CORE

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.0.101-108.144.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-base": "3.0.101-108.144.1",
            "kernel-ec2": "3.0.101-108.144.1",
            "kernel-default": "3.0.101-108.144.1",
            "kernel-source": "3.0.101-108.144.1",
            "kernel-syms": "3.0.101-108.144.1",
            "kernel-trace": "3.0.101-108.144.1",
            "kernel-trace-devel": "3.0.101-108.144.1",
            "kernel-ec2-devel": "3.0.101-108.144.1",
            "kernel-ec2-base": "3.0.101-108.144.1",
            "kernel-xen-devel": "3.0.101-108.144.1",
            "kernel-xen-base": "3.0.101-108.144.1",
            "kernel-trace-base": "3.0.101-108.144.1",
            "kernel-xen": "3.0.101-108.144.1",
            "kernel-default-devel": "3.0.101-108.144.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP4 LTSS EXTREME CORE / kernel-ec2

Package

Name
kernel-ec2
Purl
pkg:rpm/suse/kernel-ec2&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4%20LTSS%20EXTREME%20CORE

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.0.101-108.144.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-base": "3.0.101-108.144.1",
            "kernel-ec2": "3.0.101-108.144.1",
            "kernel-default": "3.0.101-108.144.1",
            "kernel-source": "3.0.101-108.144.1",
            "kernel-syms": "3.0.101-108.144.1",
            "kernel-trace": "3.0.101-108.144.1",
            "kernel-trace-devel": "3.0.101-108.144.1",
            "kernel-ec2-devel": "3.0.101-108.144.1",
            "kernel-ec2-base": "3.0.101-108.144.1",
            "kernel-xen-devel": "3.0.101-108.144.1",
            "kernel-xen-base": "3.0.101-108.144.1",
            "kernel-trace-base": "3.0.101-108.144.1",
            "kernel-xen": "3.0.101-108.144.1",
            "kernel-default-devel": "3.0.101-108.144.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP4 LTSS EXTREME CORE / kernel-source

Package

Name
kernel-source
Purl
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4%20LTSS%20EXTREME%20CORE

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.0.101-108.144.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-base": "3.0.101-108.144.1",
            "kernel-ec2": "3.0.101-108.144.1",
            "kernel-default": "3.0.101-108.144.1",
            "kernel-source": "3.0.101-108.144.1",
            "kernel-syms": "3.0.101-108.144.1",
            "kernel-trace": "3.0.101-108.144.1",
            "kernel-trace-devel": "3.0.101-108.144.1",
            "kernel-ec2-devel": "3.0.101-108.144.1",
            "kernel-ec2-base": "3.0.101-108.144.1",
            "kernel-xen-devel": "3.0.101-108.144.1",
            "kernel-xen-base": "3.0.101-108.144.1",
            "kernel-trace-base": "3.0.101-108.144.1",
            "kernel-xen": "3.0.101-108.144.1",
            "kernel-default-devel": "3.0.101-108.144.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP4 LTSS EXTREME CORE / kernel-syms

Package

Name
kernel-syms
Purl
pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4%20LTSS%20EXTREME%20CORE

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.0.101-108.144.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-base": "3.0.101-108.144.1",
            "kernel-ec2": "3.0.101-108.144.1",
            "kernel-default": "3.0.101-108.144.1",
            "kernel-source": "3.0.101-108.144.1",
            "kernel-syms": "3.0.101-108.144.1",
            "kernel-trace": "3.0.101-108.144.1",
            "kernel-trace-devel": "3.0.101-108.144.1",
            "kernel-ec2-devel": "3.0.101-108.144.1",
            "kernel-ec2-base": "3.0.101-108.144.1",
            "kernel-xen-devel": "3.0.101-108.144.1",
            "kernel-xen-base": "3.0.101-108.144.1",
            "kernel-trace-base": "3.0.101-108.144.1",
            "kernel-xen": "3.0.101-108.144.1",
            "kernel-default-devel": "3.0.101-108.144.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP4 LTSS EXTREME CORE / kernel-trace

Package

Name
kernel-trace
Purl
pkg:rpm/suse/kernel-trace&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4%20LTSS%20EXTREME%20CORE

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.0.101-108.144.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-base": "3.0.101-108.144.1",
            "kernel-ec2": "3.0.101-108.144.1",
            "kernel-default": "3.0.101-108.144.1",
            "kernel-source": "3.0.101-108.144.1",
            "kernel-syms": "3.0.101-108.144.1",
            "kernel-trace": "3.0.101-108.144.1",
            "kernel-trace-devel": "3.0.101-108.144.1",
            "kernel-ec2-devel": "3.0.101-108.144.1",
            "kernel-ec2-base": "3.0.101-108.144.1",
            "kernel-xen-devel": "3.0.101-108.144.1",
            "kernel-xen-base": "3.0.101-108.144.1",
            "kernel-trace-base": "3.0.101-108.144.1",
            "kernel-xen": "3.0.101-108.144.1",
            "kernel-default-devel": "3.0.101-108.144.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP4 LTSS EXTREME CORE / kernel-xen

Package

Name
kernel-xen
Purl
pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4%20LTSS%20EXTREME%20CORE

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.0.101-108.144.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-base": "3.0.101-108.144.1",
            "kernel-ec2": "3.0.101-108.144.1",
            "kernel-default": "3.0.101-108.144.1",
            "kernel-source": "3.0.101-108.144.1",
            "kernel-syms": "3.0.101-108.144.1",
            "kernel-trace": "3.0.101-108.144.1",
            "kernel-trace-devel": "3.0.101-108.144.1",
            "kernel-ec2-devel": "3.0.101-108.144.1",
            "kernel-ec2-base": "3.0.101-108.144.1",
            "kernel-xen-devel": "3.0.101-108.144.1",
            "kernel-xen-base": "3.0.101-108.144.1",
            "kernel-trace-base": "3.0.101-108.144.1",
            "kernel-xen": "3.0.101-108.144.1",
            "kernel-default-devel": "3.0.101-108.144.1"
        }
    ]
}