SUSE-SU-2024:0129-1: important: Security update for the Linux Kernel
SLE-SECURITY-UPDATES
null at suse.de
Tue Jan 16 16:30:11 UTC 2024
# Security update for the Linux Kernel
Announcement ID: SUSE-SU-2024:0129-1
Rating: important
References:
* bsc#1179610
* bsc#1183045
* bsc#1193285
* bsc#1211162
* bsc#1211226
* bsc#1212584
* bsc#1214747
* bsc#1214823
* bsc#1215237
* bsc#1215696
* bsc#1215885
* bsc#1216057
* bsc#1216559
* bsc#1216776
* bsc#1217036
* bsc#1217217
* bsc#1217250
* bsc#1217602
* bsc#1217692
* bsc#1217790
* bsc#1217801
* bsc#1217933
* bsc#1217938
* bsc#1217946
* bsc#1217947
* bsc#1217980
* bsc#1217981
* bsc#1217982
* bsc#1218056
* bsc#1218139
* bsc#1218184
* bsc#1218234
* bsc#1218253
* bsc#1218258
* bsc#1218335
* bsc#1218357
* bsc#1218447
* bsc#1218515
* bsc#1218559
* bsc#1218569
* bsc#1218659
* jsc#PED-3459
* jsc#PED-5021
* jsc#PED-7322
Cross-References:
* CVE-2020-26555
* CVE-2023-51779
* CVE-2023-6121
* CVE-2023-6531
* CVE-2023-6546
* CVE-2023-6606
* CVE-2023-6610
* CVE-2023-6622
* CVE-2023-6931
* CVE-2023-6932
CVSS scores:
* CVE-2020-26555 ( SUSE ): 5.4 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2020-26555 ( NVD ): 5.4 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2023-51779 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6121 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2023-6121 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2023-6531 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6606 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2023-6606 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-6610 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2023-6610 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-6622 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6622 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6931 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6931 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6932 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6932 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Real Time Module 15-SP4
An update that solves 10 vulnerabilities, contains three features and has 31
security fixes can now be installed.
## Description:
The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various
security bugfixes.
The following security bugs were fixed:
* CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix
garbage collector's deletion of SKB races with unix_stream_read_generic() on
the socket that the SKB is queued on (bsc#1218447).
* CVE-2023-6610: Fixed an out of bounds read in the SMB client when printing
debug information (bsc#1217946).
* CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race
condition in bt_sock_recvmsg (bsc#1218559).
* CVE-2020-26555: Fixed an issue during BR/EDR PIN code pairing in the
Bluetooth subsystem that would allow replay attacks (bsc#1179610
bsc#1215237).
* CVE-2023-6606: Fixed an out of bounds read in the SMB client when receiving
a malformed length from a server (bsc#1217947).
* CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via
the GSMIOC_SETCONF ioctl that could lead to local privilege escalation
(bsc#1218335).
* CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in the Linux
kernel's Performance Events system component that could lead to local
privilege escalation. (bsc#1218258).
* CVE-2023-6932: Fixed a use-after-free vulnerability in the Linux kernel's
ipv4: igmp component that could lead to local privilege escalation
(bsc#1218253).
* CVE-2023-6622: Fixed a null pointer dereference vulnerability in
nft_dynset_init() that could allow a local attacker with CAP_NET_ADMIN user
privilege to trigger a denial of service (bsc#1217938).
* CVE-2023-6121: Fixed an information leak via dmesg when receiving a crafted
packet in the NVMe-oF/TCP subsystem (bsc#1217250).
The following non-security bugs were fixed:
* Reviewed and added more information to README.SUSE (jsc#PED-5021).
* Build in the correct KOTD repository with multibuild (JSC-SLE#5501,
boo#1211226, bsc#1218184) With multibuild setting repository flags is no
longer supported for individual spec files - see
https://github.com/openSUSE/open-build-service/issues/3574 Add ExclusiveArch
conditional that depends on a macro set up by bs-upload-kernel instead. With
that each package should build only in one repository - either standard or
QA. Note: bs-upload-kernel does not interpret rpm conditionals, and only
uses the first ExclusiveArch line to determine the architectures to enable.
* KVM: s390/mm: Properly reset no-dat (bsc#1218056).
* KVM: s390: vsie: fix wrong VIR 37 when MSO is used (bsc#1217933).
* KVM: x86: Mask LVTPC when handling a PMI (jsc#PED-7322).
* NFS: Fix O_DIRECT locking issues (bsc#1211162).
* NFS: Fix a few more clear_bit() instances that need release semantics
(bsc#1211162).
* NFS: Fix a potential data corruption (bsc#1211162).
* NFS: Fix a use after free in nfs_direct_join_group() (bsc#1211162).
* NFS: Fix error handling for O_DIRECT write scheduling (bsc#1211162).
* NFS: More O_DIRECT accounting fixes for error paths (bsc#1211162).
* NFS: More fixes for nfs_direct_write_reschedule_io() (bsc#1211162).
* NFS: Use the correct commit info in nfs_join_page_group() (bsc#1211162).
* NLM: Defend against file_lock changes after vfs_test_lock() (bsc#1217692).
* Updated SPI patches for NVIDIA Grace enablement (bsc#1212584, jsc#PED-3459).
* block: fix revalidate performance regression (bsc#1216057).
* bpf: Adjust insufficient default bpf_jit_limit (bsc#1218234).
* ceph: fix incorrect revoked caps assert in ceph_fill_file_size()
(bsc#1217980).
* ceph: fix type promotion bug on 32bit systems (bsc#1217982).
* clocksource: Add a Kconfig option for WATCHDOG_MAX_SKEW (bsc#1215885
bsc#1217217).
* clocksource: Enable TSC watchdog checking of HPET and PMTMR only when
requested (bsc#1215885 bsc#1217217).
* clocksource: Handle negative skews in "skew is too large" messages
(bsc#1215885 bsc#1217217).
* clocksource: Improve "skew is too large" messages (bsc#1215885 bsc#1217217).
* clocksource: Improve read-back-delay message (bsc#1215885 bsc#1217217).
* clocksource: Loosen clocksource watchdog constraints (bsc#1215885
bsc#1217217).
* clocksource: Print clocksource name when clocksource is tested unstable
(bsc#1215885 bsc#1217217).
* clocksource: Verify HPET and PMTMR when TSC unverified (bsc#1215885
bsc#1217217).
* dm_blk_ioctl: implement path failover for SG_IO (bsc#1183045, bsc#1216776).
* fuse: dax: set fc->dax to NULL in fuse_dax_conn_free() (bsc#1218659).
* kabi/severities: ignore kABI for asus-wmi drivers Tolerate the kABI changes,
as used only locally for asus-wmi stuff
* libceph: use kernel_connect() (bsc#1217981).
* mkspec: Add multibuild support (JSC-SLE#5501, boo#1211226, bsc#1218184) When
MULTIBUILD option in config.sh is enabled generate a _multibuild file
listing all spec files.
* mm: kmem: drop __GFP_NOFAIL when allocating objcg vectors (bsc#1218515).
* net/smc: Fix pos miscalculation in statistics (bsc#1218139).
* net/tg3: fix race condition in tg3_reset_task() (bsc#1217801).
* nfs: only issue commit in DIO codepath if we have uncommitted data
(bsc#1211162).
* remove unnecessary WARN_ON_ONCE() (bsc#1214823 bsc#1218569).
* s390/vx: fix save/restore of fpu kernel context (bsc#1218357).
* scsi: lpfc: use unsigned type for num_sge (bsc#1214747).
* swiotlb: fix a braino in the alignment check fix (bsc#1216559).
* swiotlb: fix slot alignment checks (bsc#1216559).
* tracing: Disable preemption when using the filter buffer (bsc#1217036).
* tracing: Fix a possible race when disabling buffered events (bsc#1217036).
* tracing: Fix a warning when allocating buffered events fails (bsc#1217036).
* tracing: Fix incomplete locking when disabling buffered events
(bsc#1217036).
* tracing: Fix warning in trace_buffered_event_disable() (bsc#1217036).
* tracing: Use __this_cpu_read() in trace_event_buffer_lock_reserver()
(bsc#1217036).
* uapi: propagate __struct_group() attributes to the container union
(jsc#SLE-18978).
* vsprintf/kallsyms: Prevent invalid data when printing symbol (bsc#1217602).
* x86/entry/ia32: Ensure s32 is sign extended to s64 (bsc#1193285).
* x86/platform/uv: Use alternate source for socket to node data (bsc#1215696
bsc#1217790).
* x86/tsc: Add option to force frequency recalibration with HW timer
(bsc#1215885 bsc#1217217).
* x86/tsc: Be consistent about use_tsc_delay() (bsc#1215885 bsc#1217217).
* x86/tsc: Extend watchdog check exemption to 4-Sockets platform (bsc#1215885
bsc#1217217).
## Special Instructions and Notes:
* Please reboot the system after installing this update.
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Real Time Module 15-SP4
zypper in -t patch SUSE-SLE-Module-RT-15-SP4-2024-129=1
* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2024-129=1
* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2024-129=1
* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-129=1
* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-129=1
* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-129=1
* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-129=1
* SUSE Linux Enterprise Live Patching 15-SP4
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-129=1
## Package List:
* SUSE Real Time Module 15-SP4 (x86_64)
* kernel-rt-devel-debuginfo-5.14.21-150400.15.65.1
* kernel-rt-debuginfo-5.14.21-150400.15.65.1
* kernel-rt_debug-debuginfo-5.14.21-150400.15.65.1
* gfs2-kmp-rt-debuginfo-5.14.21-150400.15.65.1
* kernel-rt_debug-devel-5.14.21-150400.15.65.1
* cluster-md-kmp-rt-5.14.21-150400.15.65.1
* dlm-kmp-rt-debuginfo-5.14.21-150400.15.65.1
* kernel-rt-devel-5.14.21-150400.15.65.1
* ocfs2-kmp-rt-debuginfo-5.14.21-150400.15.65.1
* cluster-md-kmp-rt-debuginfo-5.14.21-150400.15.65.1
* kernel-syms-rt-5.14.21-150400.15.65.1
* ocfs2-kmp-rt-5.14.21-150400.15.65.1
* dlm-kmp-rt-5.14.21-150400.15.65.1
* kernel-rt_debug-debugsource-5.14.21-150400.15.65.1
* kernel-rt_debug-devel-debuginfo-5.14.21-150400.15.65.1
* kernel-rt-debugsource-5.14.21-150400.15.65.1
* gfs2-kmp-rt-5.14.21-150400.15.65.1
* SUSE Real Time Module 15-SP4 (noarch)
* kernel-devel-rt-5.14.21-150400.15.65.1
* kernel-source-rt-5.14.21-150400.15.65.1
* SUSE Real Time Module 15-SP4 (nosrc x86_64)
* kernel-rt_debug-5.14.21-150400.15.65.1
* kernel-rt-5.14.21-150400.15.65.1
* openSUSE Leap Micro 5.3 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.65.1
* openSUSE Leap Micro 5.3 (x86_64)
* kernel-rt-debuginfo-5.14.21-150400.15.65.1
* kernel-rt-debugsource-5.14.21-150400.15.65.1
* openSUSE Leap Micro 5.4 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.65.1
* openSUSE Leap Micro 5.4 (x86_64)
* kernel-rt-debuginfo-5.14.21-150400.15.65.1
* kernel-rt-debugsource-5.14.21-150400.15.65.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.65.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64)
* kernel-rt-debuginfo-5.14.21-150400.15.65.1
* kernel-rt-debugsource-5.14.21-150400.15.65.1
* SUSE Linux Enterprise Micro 5.3 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.65.1
* SUSE Linux Enterprise Micro 5.3 (x86_64)
* kernel-rt-debuginfo-5.14.21-150400.15.65.1
* kernel-rt-debugsource-5.14.21-150400.15.65.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.65.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64)
* kernel-rt-debuginfo-5.14.21-150400.15.65.1
* kernel-rt-debugsource-5.14.21-150400.15.65.1
* SUSE Linux Enterprise Micro 5.4 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.65.1
* SUSE Linux Enterprise Micro 5.4 (x86_64)
* kernel-rt-debuginfo-5.14.21-150400.15.65.1
* kernel-rt-debugsource-5.14.21-150400.15.65.1
* SUSE Linux Enterprise Live Patching 15-SP4 (x86_64)
* kernel-livepatch-SLE15-SP4-RT_Update_17-debugsource-1-150400.1.3.1
* kernel-livepatch-5_14_21-150400_15_65-rt-debuginfo-1-150400.1.3.1
* kernel-livepatch-5_14_21-150400_15_65-rt-1-150400.1.3.1
## References:
* https://www.suse.com/security/cve/CVE-2020-26555.html
* https://www.suse.com/security/cve/CVE-2023-51779.html
* https://www.suse.com/security/cve/CVE-2023-6121.html
* https://www.suse.com/security/cve/CVE-2023-6531.html
* https://www.suse.com/security/cve/CVE-2023-6546.html
* https://www.suse.com/security/cve/CVE-2023-6606.html
* https://www.suse.com/security/cve/CVE-2023-6610.html
* https://www.suse.com/security/cve/CVE-2023-6622.html
* https://www.suse.com/security/cve/CVE-2023-6931.html
* https://www.suse.com/security/cve/CVE-2023-6932.html
* https://bugzilla.suse.com/show_bug.cgi?id=1179610
* https://bugzilla.suse.com/show_bug.cgi?id=1183045
* https://bugzilla.suse.com/show_bug.cgi?id=1193285
* https://bugzilla.suse.com/show_bug.cgi?id=1211162
* https://bugzilla.suse.com/show_bug.cgi?id=1211226
* https://bugzilla.suse.com/show_bug.cgi?id=1212584
* https://bugzilla.suse.com/show_bug.cgi?id=1214747
* https://bugzilla.suse.com/show_bug.cgi?id=1214823
* https://bugzilla.suse.com/show_bug.cgi?id=1215237
* https://bugzilla.suse.com/show_bug.cgi?id=1215696
* https://bugzilla.suse.com/show_bug.cgi?id=1215885
* https://bugzilla.suse.com/show_bug.cgi?id=1216057
* https://bugzilla.suse.com/show_bug.cgi?id=1216559
* https://bugzilla.suse.com/show_bug.cgi?id=1216776
* https://bugzilla.suse.com/show_bug.cgi?id=1217036
* https://bugzilla.suse.com/show_bug.cgi?id=1217217
* https://bugzilla.suse.com/show_bug.cgi?id=1217250
* https://bugzilla.suse.com/show_bug.cgi?id=1217602
* https://bugzilla.suse.com/show_bug.cgi?id=1217692
* https://bugzilla.suse.com/show_bug.cgi?id=1217790
* https://bugzilla.suse.com/show_bug.cgi?id=1217801
* https://bugzilla.suse.com/show_bug.cgi?id=1217933
* https://bugzilla.suse.com/show_bug.cgi?id=1217938
* https://bugzilla.suse.com/show_bug.cgi?id=1217946
* https://bugzilla.suse.com/show_bug.cgi?id=1217947
* https://bugzilla.suse.com/show_bug.cgi?id=1217980
* https://bugzilla.suse.com/show_bug.cgi?id=1217981
* https://bugzilla.suse.com/show_bug.cgi?id=1217982
* https://bugzilla.suse.com/show_bug.cgi?id=1218056
* https://bugzilla.suse.com/show_bug.cgi?id=1218139
* https://bugzilla.suse.com/show_bug.cgi?id=1218184
* https://bugzilla.suse.com/show_bug.cgi?id=1218234
* https://bugzilla.suse.com/show_bug.cgi?id=1218253
* https://bugzilla.suse.com/show_bug.cgi?id=1218258
* https://bugzilla.suse.com/show_bug.cgi?id=1218335
* https://bugzilla.suse.com/show_bug.cgi?id=1218357
* https://bugzilla.suse.com/show_bug.cgi?id=1218447
* https://bugzilla.suse.com/show_bug.cgi?id=1218515
* https://bugzilla.suse.com/show_bug.cgi?id=1218559
* https://bugzilla.suse.com/show_bug.cgi?id=1218569
* https://bugzilla.suse.com/show_bug.cgi?id=1218659
* https://jira.suse.com/browse/PED-3459
* https://jira.suse.com/browse/PED-5021
* https://jira.suse.com/browse/PED-7322
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20240116/cf583bd0/attachment.htm>
More information about the sle-security-updates
mailing list