Overview

File _patchinfo of Package patchinfo.28891

<patchinfo incident="28891">
  <issue id="1202353" tracker="bnc">kernel: replace mkinitrd wrapper with native dracut</issue>
  <issue id="1205128" tracker="bnc">VUL-0: CVE-2022-43945: kernel-source-azure,kernel-source,kernel-source-rt: nfsd: buffer overflow due to incorrect calculation of send buffer size</issue>
  <issue id="1206992" tracker="bnc">VUL-0: CVE-2022-2196: kernel-source,kernel-source-rt,kernel-source-azure: kvm: L2 can carry out Spectre v2 attacks on L1</issue>
  <issue id="1207088" tracker="bnc">L3: Kernel BUG at ../lib/assoc_array.c:652 — ref:_00D1igLOd._5005qJQ2E6:ref</issue>
  <issue id="1209687" tracker="bnc">VUL-0: CVE-2023-1611: kernel: race between quota disable and quota assign ioctls in fs/btrfs/ioctl.c</issue>
  <issue id="1209739" tracker="bnc">vmxnet3: update to latest ToT</issue>
  <issue id="1209777" tracker="bnc">VUL-0: CVE-2020-36691: kernel: lib/nlattr.c allows attackers to cause a denial of service</issue>
  <issue id="1209871" tracker="bnc">VUL-0: CVE-2023-1670: kernel-source-rt,kernel-source-azure,kernel-source: Use after free bug in xirc2ps_detach</issue>
  <issue id="1210202" tracker="bnc">VUL-0: CVE-2023-1855: kernel: use-after-free bug in remove function xgene_hwmon_remove</issue>
  <issue id="1210203" tracker="bnc">VUL-0: CVE-2023-1838: kernel: Possible use-after-free since the two fdget() during vhost_net_set_backend()</issue>
  <issue id="1210301" tracker="bnc">VUL-0: kernel: cifs.ko out of bounds memory access in smb311_decode_neg_context()</issue>
  <issue id="1210329" tracker="bnc">VUL-0: CVE-2023-30772: kernel: use after free bug in da9150_charger_remove due to race condition</issue>
  <issue id="1210336" tracker="bnc">VUL-0: CVE-2023-1989: kernel: Use after free bug in btsdio_remove due to race condition</issue>
  <issue id="1210337" tracker="bnc">VUL-0: CVE-2023-1990: kernel: Use after free bug in ndlc_remove due to race condition</issue>
  <issue id="1210414" tracker="bnc">VUL-0: CVE-2023-1872: kernel-source-azure,kernel-source,kernel-source-rt: race condition in io_uring when unregistering fixed files</issue>
  <issue id="1210453" tracker="bnc">VUL-0: CVE-2023-2008: kernel: udmabuf Improper Validation of Array Index Local Privilege Escalation Vulnerability</issue>
  <issue id="1210469" tracker="bnc">Obsolete KMP obsoletes</issue>
  <issue id="1210498" tracker="bnc">VUL-0: CVE-2023-2124: kernel-source: OOB access in the XFS subsystem</issue>
  <issue id="1210506" tracker="bnc">VUL-0: CVE-2023-1998: kernel: x86/speculation: Allow enabling STIBP with legacy IBRS</issue>
  <issue id="1210629" tracker="bnc">VUL-0: CVE-2023-2176: kernel: Slab-out-of-bound read in compare_netdev_and_ip</issue>
  <issue id="1210647" tracker="bnc">VUL-0: CVE-2023-2162: kernel-source-rt,kernel-source,kernel-source-azure: UAF during login when accessing the shost ipaddress</issue>
  <issue id="2023-2124" tracker="cve" />
  <issue id="2023-1872" tracker="cve" />
  <issue id="2022-2196" tracker="cve" />
  <issue id="2023-1670" tracker="cve" />
  <issue id="2023-2162" tracker="cve" />
  <issue id="2023-2176" tracker="cve" />
  <issue id="2023-1998" tracker="cve" />
  <issue id="2023-30772" tracker="cve" />
  <issue id="2023-2008" tracker="cve" />
  <issue id="2023-1855" tracker="cve" />
  <issue id="2020-36691" tracker="cve" />
  <issue id="2023-1990" tracker="cve" />
  <issue id="2023-1989" tracker="cve" />
  <issue id="2022-43945" tracker="cve" />
  <issue id="2023-1611" tracker="cve" />
  <issue id="2023-1838" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>vliaskovitis</packager>
  <reboot_needed/>
  <description>The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes.


The following security bugs were fixed:

- CVE-2023-2124: Fixed an out of bound access in the XFS subsystem that could have lead to denial-of-service or potentially privilege escalation (bsc#1210498).
- CVE-2023-1872:Fixed a use after free vulnerability in the io_uring subsystem, which could lead to local privilege escalation (bsc#1210414).
- CVE-2022-2196: Fixed a regression related to KVM that allowed for speculative execution attacks (bsc#1206992).
- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).
- CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).
- CVE-2023-2176: A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege (bsc#1210629).
- CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).
- CVE-2023-30772: Fixed a race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).
- CVE-2023-2008: A flaw was found in the fault handler of the udmabuf device driver. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code (bsc#1210453).
- CVE-2023-1855: Fixed a use after free in xgene_hwmon_remove (bsc#1210202).
- CVE-2020-36691: Fixed a denial of service vulnerability via a nested Netlink policy with a back reference (bsc#1209777).
- CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).
- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).
- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).
- CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot (bsc#1209687).
- CVE-2023-1838: Fixed an use-after-free flaw in virtio network subcomponent. This flaw could allow a local attacker to crash the system and lead to a kernel information leak problem. (bsc#1210203).

The following non-security bugs were fixed:

- Drivers: vmbus: Check for channel allocation before looking up relids (git-fixes).
- cifs: fix negotiate context parsing (bsc#1210301).
- keys: Fix linking a duplicate key to a keyring's assoc_array (bsc#1207088).
- vmxnet3: use gro callback when UPT is enabled (bsc#1209739).
</description>
<summary>Security update for the Linux Kernel</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places