SUSE-SU-2023:4883-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:4883-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2023:4883-1
Related
Published
2023-12-15T10:41:00Z
Modified
2023-12-15T10:41:00Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2023-0461: Fixed use-after-free in icskulpdata (bsc#1208787).
  • CVE-2023-31083: Fixed race condition in hciuarttty_ioctl (bsc#1210780).
  • CVE-2023-39197: Fixed a out-of-bounds read in nfconntrackdccp_packet() (bsc#1216976).
  • CVE-2023-39198: Fixed a race condition leading to use-after-free in qxlmodedumb_create() (bsc#1216965).
  • CVE-2023-45863: Fixed a out-of-bounds write in fillkobjpath() (bsc#1216058).
  • CVE-2023-45871: Fixed an issue in the IGB driver, where the buffer size may not be adequate for frames larger than the MTU (bsc#1216259).
  • CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability in the Performance Events component (bsc#1216584).

The following non-security bugs were fixed:

  • cpu/SMT: Allow enabling partial SMT states via sysfs (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588).
  • cpu/SMT: Create topologysmtthread_allowed() (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588).
  • cpu/SMT: Move SMT prototypes into cpu_smt.h (bsc#1214408).
  • cpu/SMT: Move smt/control simple exit cases earlier (bsc#1214408).
  • cpu/SMT: Remove topologysmtsupported() (bsc#1214408).
  • cpu/SMT: Store the current/max number of threads (bsc#1214408).
  • cpu/hotplug: Create SMT sysfs interface for all arches (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588).
  • dm-raid: remove useless checking in raid_message() (git-fixes).
  • l2tp: fix refcount leakage on PPPoL2TP sockets (git-fixes).
  • l2tp: fix {pppol2tp, l2tpdfs}seqstop() in case of seqfile overflow (git-fixes).
  • md/bitmap: always wake up mdthread in timeoutstore (git-fixes).
  • md/bitmap: factor out a helper to set timeout (git-fixes).
  • md/raid10: Do not add spare disk when recovery fails (git-fixes).
  • md/raid10: check slab-out-of-bounds in mdbitmapget_counter (git-fixes).
  • md/raid10: clean up mdaddnew_disk() (git-fixes).
  • md/raid10: fix io loss while replacement replace rdev (git-fixes).
  • md/raid10: fix leak of 'r10bio->remaining' for recovery (git-fixes).
  • md/raid10: fix memleak for 'conf->bio_split' (git-fixes).
  • md/raid10: fix memleak of md thread (git-fixes).
  • md/raid10: fix null-ptr-deref in raid10syncrequest (git-fixes).
  • md/raid10: fix null-ptr-deref of mreplace in raid10syncrequest (git-fixes).
  • md/raid10: fix overflow of md/safemodedelay (git-fixes).
  • md/raid10: fix wrong setting of maxcorrread_errors (git-fixes).
  • md/raid10: improve code of mrdev in raid10syncrequest (git-fixes).
  • md/raid10: prevent soft lockup while flush writes (git-fixes).
  • md/raid10: prioritize adding disk to 'removed' mirror (git-fixes).
  • md: Flush workqueue mdrdevmiscwq in mdalloc() (git-fixes).
  • md: add new workqueue for delete rdev (git-fixes).
  • md: avoid signed overflow in slot_store() (git-fixes).
  • md: do not return existing mddevs from mddevfindor_alloc (git-fixes).
  • md: factor out a mddevallocunit helper from mddev_find (git-fixes).
  • md: fix data corruption for raid456 when reshape restart while grow up (git-fixes).
  • md: fix deadlock causing by sysfs_notify (git-fixes).
  • md: fix incorrect declaration about claimrdev in mdimport_device (git-fixes).
  • md: flush mdrdevmiscwq for HOTADD_DISK case (git-fixes).
  • md: get sysfs entry after redundancy attr group create (git-fixes).
  • md: refactor mddevfindor_alloc (git-fixes).
  • md: remove lockbdev / unlockbdev (git-fixes).
  • mm, memcg: add memcgroupdisabled checks in vmpressure and swap-related functions (bsc#1190208 (MM functional and performance backports) bsc#1216759).
  • net-memcg: Fix scope of sockmem pressure indicators (bsc#1216759).
  • net: mana: Configure hwc timeout from hardware (bsc#1214037).
  • net: mana: Fix MANA VF unload when hardware is unresponsive (bsc#1214764).
  • powerpc/pseries: Honour current SMT state when DLPAR onlining CPUs (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588).
  • powerpc/pseries: Initialise CPU hotplug callbacks earlier (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588).
  • powerpc: Add HOTPLUG_SMT support (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). Update config files.
  • ring-buffer: Avoid softlockup in ringbufferresize() (git-fixes).
  • s390/cio: unregister device when the only path is gone (git-fixes bsc#1217607).
  • s390/cmma: fix detection of DAT pages (LTC#203996 bsc#1217087).
  • s390/cmma: fix handling of swapperpgdir and invalidpgdir (LTC#203996 bsc#1217087).
  • s390/cmma: fix initial kernel address space page table walk (LTC#203996 bsc#1217087).
  • s390/crashdump: fix TOD programmable field size (git-fixes bsc#1217206).
  • s390/dasd: protect device queue against concurrent access (git-fixes bsc#1217519).
  • s390/dasd: use correct number of retries for ERP requests (git-fixes bsc#1217604).
  • s390/mm: add missing archsetpage_dat() call to gmap allocations (LTC#203996 bsc#1217087).
  • s390/mm: add missing archsetpagedat() call to vmemcrst_alloc() (LTC#203996 bsc#1217087).
  • s390/ptrace: fix PTRACEGETLAST_BREAK error handling (git-fixes bsc#1217603).
  • scsi: qla2xxx: Fix double free of dsd_list during driver load (git-fixes).
  • scsi: qla2xxx: Use FIELD_GET() to extract PCIe capability fields (git-fixes).
  • tracing: Increase PERFMAXTRACE_SIZE to handle Sentinel1 and docker together (bsc#1216031).
  • usb-storage: fix deadlock when a scsi command timeouts more than once (git-fixes).
  • usb: serial: option: add Quectel RM500U-CN modem (git-fixes).
  • usb: serial: option: add Telit FE990 compositions (git-fixes).
  • usb: serial: option: add UNISOC vendor and TOZED LT70C product (git-fixes).
  • usb: typec: tcpm: Fix altmode re-registration causes sysfs create fail (git-fixes).
  • xfs: fix units conversion error in xfsbmapdelextentdelay (git-fixes).
  • xfs: make sure maxlen is still congruent with prod when rounding down (git-fixes).
  • xfs: reserve data and rt quota at the same time (bsc#1203496).
References

Affected packages

SUSE:Linux Enterprise Server 12 SP5 / kernel-azure

Package

Name
kernel-azure
Purl
purl:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-16.160.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.160.1",
            "kernel-azure-devel": "4.12.14-16.160.1",
            "kernel-devel-azure": "4.12.14-16.160.1",
            "kernel-syms-azure": "4.12.14-16.160.1",
            "kernel-azure-base": "4.12.14-16.160.1",
            "kernel-source-azure": "4.12.14-16.160.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP5 / kernel-source-azure

Package

Name
kernel-source-azure
Purl
purl:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-16.160.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.160.1",
            "kernel-azure-devel": "4.12.14-16.160.1",
            "kernel-devel-azure": "4.12.14-16.160.1",
            "kernel-syms-azure": "4.12.14-16.160.1",
            "kernel-azure-base": "4.12.14-16.160.1",
            "kernel-source-azure": "4.12.14-16.160.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP5 / kernel-syms-azure

Package

Name
kernel-syms-azure
Purl
purl:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-16.160.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.160.1",
            "kernel-azure-devel": "4.12.14-16.160.1",
            "kernel-devel-azure": "4.12.14-16.160.1",
            "kernel-syms-azure": "4.12.14-16.160.1",
            "kernel-azure-base": "4.12.14-16.160.1",
            "kernel-source-azure": "4.12.14-16.160.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / kernel-azure

Package

Name
kernel-azure
Purl
purl:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-16.160.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.160.1",
            "kernel-azure-devel": "4.12.14-16.160.1",
            "kernel-devel-azure": "4.12.14-16.160.1",
            "kernel-syms-azure": "4.12.14-16.160.1",
            "kernel-azure-base": "4.12.14-16.160.1",
            "kernel-source-azure": "4.12.14-16.160.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / kernel-source-azure

Package

Name
kernel-source-azure
Purl
purl:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-16.160.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.160.1",
            "kernel-azure-devel": "4.12.14-16.160.1",
            "kernel-devel-azure": "4.12.14-16.160.1",
            "kernel-syms-azure": "4.12.14-16.160.1",
            "kernel-azure-base": "4.12.14-16.160.1",
            "kernel-source-azure": "4.12.14-16.160.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / kernel-syms-azure

Package

Name
kernel-syms-azure
Purl
purl:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-16.160.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.160.1",
            "kernel-azure-devel": "4.12.14-16.160.1",
            "kernel-devel-azure": "4.12.14-16.160.1",
            "kernel-syms-azure": "4.12.14-16.160.1",
            "kernel-azure-base": "4.12.14-16.160.1",
            "kernel-source-azure": "4.12.14-16.160.1"
        }
    ]
}