SUSE-SU-2023:0406-1: important: Security update for the Linux Kernel

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Tue Feb 14 17:20:24 UTC 2023


   SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2023:0406-1
Rating:             important
References:         #1203183 #1203693 #1203740 #1204171 #1204614 
                    #1204760 #1205149 #1206073 #1206113 #1206114 
                    #1206314 #1206389 #1206393 #1206395 #1206398 
                    #1206399 #1206515 #1206664 #1206677 #1206784 
                    #1207036 #1207125 #1207134 #1207186 #1207188 
                    #1207189 #1207190 #1207237 #1207769 #1207823 
                    PED-1706 
Cross-References:   CVE-2022-3105 CVE-2022-3107 CVE-2022-3108
                    CVE-2022-3112 CVE-2022-3115 CVE-2022-3435
                    CVE-2022-3564 CVE-2022-3643 CVE-2022-42328
                    CVE-2022-42329 CVE-2022-4662 CVE-2022-47520
                    CVE-2022-47929 CVE-2023-0266 CVE-2023-23454
                    CVE-2023-23455
CVSS scores:
                    CVE-2022-3105 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-3105 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-3107 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-3107 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-3108 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-3108 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-3112 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-3112 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-3115 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-3115 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-3435 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
                    CVE-2022-3435 (SUSE): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H
                    CVE-2022-3564 (NVD) : 7.1 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-3564 (SUSE): 8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-3643 (NVD) : 10 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
                    CVE-2022-3643 (SUSE): 6.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
                    CVE-2022-42328 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-42328 (SUSE): 5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-42329 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-42329 (SUSE): 5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-4662 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-4662 (SUSE): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-47520 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
                    CVE-2022-47520 (SUSE): 8.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:L
                    CVE-2022-47929 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-47929 (SUSE): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
                    CVE-2023-0266 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2023-0266 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2023-23454 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2023-23454 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2023-23455 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2023-23455 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:
                    SUSE Enterprise Storage 7
                    SUSE Linux Enterprise High Availability 15-SP2
                    SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
                    SUSE Linux Enterprise Module for Live Patching 15-SP2
                    SUSE Linux Enterprise Server 15-SP2-LTSS
                    SUSE Linux Enterprise Server for SAP 15-SP2
______________________________________________________________________________

   An update that solves 16 vulnerabilities, contains one
   feature and has 14 fixes is now available.

Description:

   The SUSE Linux Enterprise 15 SP2 LTSS kernel was updated to receive
   various security and bugfixes.


   The following security bugs were fixed:

   - CVE-2023-23455: Fixed a denial of service inside atm_tc_enqueue in
     net/sched/sch_atm.c because of type confusion (non-negative numbers can
     sometimes indicate a TC_ACT_SHOT condition rather than valid
     classification results) (bsc#1207125).
   - CVE-2023-23454: Fixed denial or service in cbq_classify in
     net/sched/sch_cbq.c (bnc#1207036).
   - CVE-2023-0266: Fixed a use-after-free vulnerability inside the ALSA PCM
     package. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 was missing locks that
     could have been used in a use-after-free that could have resulted in a
     priviledge escalation to gain ring0 access from the system user
     (bsc#1207134).
   - CVE-2022-47929: Fixed NULL pointer dereference bug in the traffic
     control subsystem (bnc#1207237).
   - CVE-2022-47520: Fixed a out-of-bounds read when parsing a Robust
     Security Network (RSN) information element from a Netlink packet in the
     WILC1000 wireless driver (bsc#1206515).
   - CVE-2022-4662: Fixed incorrect access control in the USB core subsystem
     that could lead a local user to crash the system (bnc#1206664).
   - CVE-2022-42328, CVE-2022-42329: Fixed deadlock inside the netback driver
     that could have been triggered from a VM guest (bnc#1206114).
   - CVE-2022-3643: Fixed reset/abort/crash via netback from VM guest
     (bnc#1206113).
   - CVE-2022-3564: Fixed use-after-free in l2cap_core.c of the Bluetooth
     component (bnc#1206073).
   - CVE-2022-3435: Fixed a out-of-bounds read in function fib_nh_match of
     the file net/ipv4/fib_semantics.c. It is possible to initiate the attack
     remotely (bnc#1204171).
   - CVE-2022-3115: Fixed a null pointer dereference inside malidp_crtc_reset
     in drivers/gpu/drm/arm/malidp_crtc.c that lacked a check of the return
     value of kzalloc() (bnc#1206393).
   - CVE-2022-3112: Fixed a null pointer dereference in amvdec_set_canvases
     in drivers/staging/media/meson/vdec/vdec_helpers.c that lacked a check
     of the return value of kzalloc() (bnc#1206399).
   - CVE-2022-3108: Fixed missing check of return value of kmemdup()
     (bnc#1206389).
   - CVE-2022-3107: Fixed missing check of return value of kvmalloc_array()
     (bnc#1206395).
   - CVE-2022-3105: Fixed missing check of kmalloc_array() in uapi_finalize
     in drivers/infiniband/core/uverbs_uapi.c (bnc#1206398).

   The following non-security bugs were fixed:

   - HID: betop: check shape of output reports (git-fixes, bsc#1207186).
   - HID: check empty report_list in bigben_probe() (git-fixes, bsc#1206784).
   - HID: check empty report_list in hid_validate_values() (git-fixes,
     bsc#1206784).
   - NFS: Handle missing attributes in OPEN reply (bsc#1203740).
   - constraints: increase disk space for all architectures (bsc#1203693).
   - ipv6: ping: fix wrong checksum for large frames (bsc#1203183).
   - mm: /proc/pid/smaps_rollup: fix no vma's null-deref (bsc#1207769).
   - net: sched: atm: dont intepret cls results when asked to drop
     (bsc#1207036).
   - net: sched: cbq: dont intepret cls results when asked to drop
     (bsc#1207036).
   - netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find()
     (bsc#1204614).
   - rpm: suse-kernel-rpm-scriptlets to kmp buildreqs (boo#1205149).
   - sctp: fail if no bound addresses can be used for a given scope
     (bsc#1206677).
   - sctp: sysctl: make extra pointers netns aware (bsc#1204760).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server for SAP 15-SP2:

      zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2023-406=1

   - SUSE Linux Enterprise Server 15-SP2-LTSS:

      zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-406=1

   - SUSE Linux Enterprise Module for Live Patching 15-SP2:

      zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2023-406=1

      Please note that this is the initial kernel livepatch without fixes
      itself, this livepatch package is later updated by seperate standalone
      livepatch updates.

   - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:

      zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-406=1

   - SUSE Linux Enterprise High Availability 15-SP2:

      zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2023-406=1

   - SUSE Enterprise Storage 7:

      zypper in -t patch SUSE-Storage-7-2023-406=1



Package List:

   - SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):

      kernel-default-5.3.18-150200.24.142.1
      kernel-default-base-5.3.18-150200.24.142.1.150200.9.67.1
      kernel-default-debuginfo-5.3.18-150200.24.142.1
      kernel-default-debugsource-5.3.18-150200.24.142.1
      kernel-default-devel-5.3.18-150200.24.142.1
      kernel-default-devel-debuginfo-5.3.18-150200.24.142.1
      kernel-obs-build-5.3.18-150200.24.142.1
      kernel-obs-build-debugsource-5.3.18-150200.24.142.1
      kernel-syms-5.3.18-150200.24.142.1
      reiserfs-kmp-default-5.3.18-150200.24.142.1
      reiserfs-kmp-default-debuginfo-5.3.18-150200.24.142.1

   - SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):

      kernel-devel-5.3.18-150200.24.142.1
      kernel-docs-5.3.18-150200.24.142.1
      kernel-macros-5.3.18-150200.24.142.1
      kernel-source-5.3.18-150200.24.142.1

   - SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):

      kernel-preempt-5.3.18-150200.24.142.1
      kernel-preempt-debuginfo-5.3.18-150200.24.142.1
      kernel-preempt-debugsource-5.3.18-150200.24.142.1
      kernel-preempt-devel-5.3.18-150200.24.142.1
      kernel-preempt-devel-debuginfo-5.3.18-150200.24.142.1

   - SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):

      kernel-default-5.3.18-150200.24.142.1
      kernel-default-base-5.3.18-150200.24.142.1.150200.9.67.1
      kernel-default-debuginfo-5.3.18-150200.24.142.1
      kernel-default-debugsource-5.3.18-150200.24.142.1
      kernel-default-devel-5.3.18-150200.24.142.1
      kernel-default-devel-debuginfo-5.3.18-150200.24.142.1
      kernel-obs-build-5.3.18-150200.24.142.1
      kernel-obs-build-debugsource-5.3.18-150200.24.142.1
      kernel-syms-5.3.18-150200.24.142.1
      reiserfs-kmp-default-5.3.18-150200.24.142.1
      reiserfs-kmp-default-debuginfo-5.3.18-150200.24.142.1

   - SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 x86_64):

      kernel-preempt-5.3.18-150200.24.142.1
      kernel-preempt-debuginfo-5.3.18-150200.24.142.1
      kernel-preempt-debugsource-5.3.18-150200.24.142.1
      kernel-preempt-devel-5.3.18-150200.24.142.1
      kernel-preempt-devel-debuginfo-5.3.18-150200.24.142.1

   - SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):

      kernel-devel-5.3.18-150200.24.142.1
      kernel-docs-5.3.18-150200.24.142.1
      kernel-macros-5.3.18-150200.24.142.1
      kernel-source-5.3.18-150200.24.142.1

   - SUSE Linux Enterprise Module for Live Patching 15-SP2 (ppc64le s390x x86_64):

      kernel-default-debuginfo-5.3.18-150200.24.142.1
      kernel-default-debugsource-5.3.18-150200.24.142.1
      kernel-default-livepatch-5.3.18-150200.24.142.1
      kernel-default-livepatch-devel-5.3.18-150200.24.142.1
      kernel-livepatch-5_3_18-150200_24_142-default-1-150200.5.3.1
      kernel-livepatch-SLE15-SP2_Update_33-debugsource-1-150200.5.3.1

   - SUSE Linux Enterprise Module for Live Patching 15-SP2 (ppc64le s390x):

      kernel-livepatch-5_3_18-150200_24_142-default-debuginfo-1-150200.5.3.1

   - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):

      kernel-default-5.3.18-150200.24.142.1
      kernel-default-base-5.3.18-150200.24.142.1.150200.9.67.1
      kernel-default-debuginfo-5.3.18-150200.24.142.1
      kernel-default-debugsource-5.3.18-150200.24.142.1
      kernel-default-devel-5.3.18-150200.24.142.1
      kernel-default-devel-debuginfo-5.3.18-150200.24.142.1
      kernel-obs-build-5.3.18-150200.24.142.1
      kernel-obs-build-debugsource-5.3.18-150200.24.142.1
      kernel-preempt-5.3.18-150200.24.142.1
      kernel-preempt-debuginfo-5.3.18-150200.24.142.1
      kernel-preempt-debugsource-5.3.18-150200.24.142.1
      kernel-preempt-devel-5.3.18-150200.24.142.1
      kernel-preempt-devel-debuginfo-5.3.18-150200.24.142.1
      kernel-syms-5.3.18-150200.24.142.1

   - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):

      kernel-devel-5.3.18-150200.24.142.1
      kernel-docs-5.3.18-150200.24.142.1
      kernel-macros-5.3.18-150200.24.142.1
      kernel-source-5.3.18-150200.24.142.1

   - SUSE Linux Enterprise High Availability 15-SP2 (aarch64 ppc64le s390x x86_64):

      cluster-md-kmp-default-5.3.18-150200.24.142.1
      cluster-md-kmp-default-debuginfo-5.3.18-150200.24.142.1
      dlm-kmp-default-5.3.18-150200.24.142.1
      dlm-kmp-default-debuginfo-5.3.18-150200.24.142.1
      gfs2-kmp-default-5.3.18-150200.24.142.1
      gfs2-kmp-default-debuginfo-5.3.18-150200.24.142.1
      kernel-default-debuginfo-5.3.18-150200.24.142.1
      kernel-default-debugsource-5.3.18-150200.24.142.1
      ocfs2-kmp-default-5.3.18-150200.24.142.1
      ocfs2-kmp-default-debuginfo-5.3.18-150200.24.142.1

   - SUSE Enterprise Storage 7 (aarch64 x86_64):

      kernel-default-5.3.18-150200.24.142.1
      kernel-default-base-5.3.18-150200.24.142.1.150200.9.67.1
      kernel-default-debuginfo-5.3.18-150200.24.142.1
      kernel-default-debugsource-5.3.18-150200.24.142.1
      kernel-default-devel-5.3.18-150200.24.142.1
      kernel-default-devel-debuginfo-5.3.18-150200.24.142.1
      kernel-obs-build-5.3.18-150200.24.142.1
      kernel-obs-build-debugsource-5.3.18-150200.24.142.1
      kernel-preempt-5.3.18-150200.24.142.1
      kernel-preempt-debuginfo-5.3.18-150200.24.142.1
      kernel-preempt-debugsource-5.3.18-150200.24.142.1
      kernel-preempt-devel-5.3.18-150200.24.142.1
      kernel-preempt-devel-debuginfo-5.3.18-150200.24.142.1
      kernel-syms-5.3.18-150200.24.142.1
      reiserfs-kmp-default-5.3.18-150200.24.142.1
      reiserfs-kmp-default-debuginfo-5.3.18-150200.24.142.1

   - SUSE Enterprise Storage 7 (noarch):

      kernel-devel-5.3.18-150200.24.142.1
      kernel-docs-5.3.18-150200.24.142.1
      kernel-macros-5.3.18-150200.24.142.1
      kernel-source-5.3.18-150200.24.142.1


References:

   https://www.suse.com/security/cve/CVE-2022-3105.html
   https://www.suse.com/security/cve/CVE-2022-3107.html
   https://www.suse.com/security/cve/CVE-2022-3108.html
   https://www.suse.com/security/cve/CVE-2022-3112.html
   https://www.suse.com/security/cve/CVE-2022-3115.html
   https://www.suse.com/security/cve/CVE-2022-3435.html
   https://www.suse.com/security/cve/CVE-2022-3564.html
   https://www.suse.com/security/cve/CVE-2022-3643.html
   https://www.suse.com/security/cve/CVE-2022-42328.html
   https://www.suse.com/security/cve/CVE-2022-42329.html
   https://www.suse.com/security/cve/CVE-2022-4662.html
   https://www.suse.com/security/cve/CVE-2022-47520.html
   https://www.suse.com/security/cve/CVE-2022-47929.html
   https://www.suse.com/security/cve/CVE-2023-0266.html
   https://www.suse.com/security/cve/CVE-2023-23454.html
   https://www.suse.com/security/cve/CVE-2023-23455.html
   https://bugzilla.suse.com/1203183
   https://bugzilla.suse.com/1203693
   https://bugzilla.suse.com/1203740
   https://bugzilla.suse.com/1204171
   https://bugzilla.suse.com/1204614
   https://bugzilla.suse.com/1204760
   https://bugzilla.suse.com/1205149
   https://bugzilla.suse.com/1206073
   https://bugzilla.suse.com/1206113
   https://bugzilla.suse.com/1206114
   https://bugzilla.suse.com/1206314
   https://bugzilla.suse.com/1206389
   https://bugzilla.suse.com/1206393
   https://bugzilla.suse.com/1206395
   https://bugzilla.suse.com/1206398
   https://bugzilla.suse.com/1206399
   https://bugzilla.suse.com/1206515
   https://bugzilla.suse.com/1206664
   https://bugzilla.suse.com/1206677
   https://bugzilla.suse.com/1206784
   https://bugzilla.suse.com/1207036
   https://bugzilla.suse.com/1207125
   https://bugzilla.suse.com/1207134
   https://bugzilla.suse.com/1207186
   https://bugzilla.suse.com/1207188
   https://bugzilla.suse.com/1207189
   https://bugzilla.suse.com/1207190
   https://bugzilla.suse.com/1207237
   https://bugzilla.suse.com/1207769
   https://bugzilla.suse.com/1207823



More information about the sle-security-updates mailing list