Overview

File _patchinfo of Package patchinfo.30912

<patchinfo incident="30912">
  <issue id="1176588" tracker="bnc">Potential regression on SLES15 SP2</issue>
  <issue id="1202845" tracker="bnc">PVT:1020:XM:Everest: After running switch up stream error injection on switch drc, HTX devices state changed from RN to DD</issue>
  <issue id="1207036" tracker="bnc">VUL-0: CVE-2023-23454: kernel: type-confusion in the CBQ network scheduler</issue>
  <issue id="1207270" tracker="bnc">Backport Request for locking/rwsem commits</issue>
  <issue id="1208995" tracker="bnc">VUL-0: CVE-2023-1192: kernel: use-after-free in smb2_is_status_io_timeout()</issue>
  <issue id="1210169" tracker="bnc">VUL-1: CVE-2023-1859: kernel-source,kernel-source-rt,kernel-source-azure: use after free in xen_9pfs_front_remove() due to race condition</issue>
  <issue id="1210643" tracker="bnc">VUL-0: CVE-2023-2177: kernel-source-rt,kernel-source,kernel-source-azure: NULL pointer dereference in sctp_sched_dequeue_common()</issue>
  <issue id="1210658" tracker="bnc">L3: qedf: NULL pointer dereference in dma_direct_unmap_sg() during port flapping — ref:_00D1igLOd._5005qP5XWM:ref</issue>
  <issue id="1212703" tracker="bnc">VUL-0: CVE-2023-1206: kernel-source-rt,kernel-source,kernel-source-azure: hash collisions in the IPv6 connection lookup table</issue>
  <issue id="1213812" tracker="bnc">VUL-0: CVE-2023-4004: kernel: netfilter: nft_set_pipapo: improper element removal in function nft_pipapo_remove when insert an element without a NFT_SET_EXT_KEY_END that can lead to use-af</issue>
  <issue id="1214233" tracker="bnc">VUL-0: CVE-2023-40283: kernel-source,kernel-source-azure,kernel-source-rt: use after free in l2cap_sock_ready_cb() due to insufficient cleanup</issue>
  <issue id="1214351" tracker="bnc">VUL-0: CVE-2023-4389: kernel-source,kernel-source-azure,kernel-source-rt: double free in btrfs_get_root_ref()</issue>
  <issue id="1214380" tracker="bnc">Incorrect CONFIG_BUILTIN_RETURN_ADDRESS_STRIPS_PAC for arm64 with 6.4 kernel and gcc7</issue>
  <issue id="1214386" tracker="bnc">Cannot build KMP subpackage as unsupported</issue>
  <issue id="1215115" tracker="bnc">VUL-0: CVE-2023-4623: kernel-source-azure,kernel-source,kernel-source-rt: net/sched UAF in sch_hfsc</issue>
  <issue id="1215117" tracker="bnc">VUL-0: CVE-2023-4622: kernel-source,kernel-source-azure,kernel-source-rt: af_unix UAF</issue>
  <issue id="1215221" tracker="bnc">VUL-0: CVE-2023-4881: kernel-source: stack out-of-bounds write in nft_exthdr ip/tcp/sctp functions</issue>
  <issue id="1215275" tracker="bnc">VUL-0: CVE-2023-4921: kernel: use-after-free in net/sched: sch_qfq component</issue>
  <issue id="1215299" tracker="bnc">VUL-0: CVE-2020-36766: kernel-source,kernel-source-azure,kernel-source-rt: kernel memory leak in cec_adap_g_log_addrs()</issue>
  <issue id="1215322" tracker="bnc">PVT:1050:XM:ITC: SLES SP5 LPAR is not responding when we do Fatal Injection on 4 Port ethernet Adapter (Shiner - 14E4 168A 1014 0493)</issue>
  <issue id="1215356" tracker="bnc">After booting 'Call Trace' seen in journalctl output on AMD 7453 CPU</issue>
  <issue id="1215150" tracker="bnc">VUL-0: CVE-2023-42753: kernel-source: slab-out-of-bound access in the Linux kernel (XSA-439)</issue>
  <issue id="2023-4389" tracker="cve" />
  <issue id="2023-42753" tracker="cve" />
  <issue id="2023-1206" tracker="cve" />
  <issue id="2023-4921" tracker="cve" />
  <issue id="2023-23454" tracker="cve" />
  <issue id="2023-4004" tracker="cve" />
  <issue id="2023-4622" tracker="cve" />
  <issue id="2023-4623" tracker="cve" />
  <issue id="2020-36766" tracker="cve" />
  <issue id="2023-1859" tracker="cve" />
  <issue id="2023-2177" tracker="cve" />
  <issue id="2023-4881" tracker="cve" />
  <issue id="2023-40283" tracker="cve" />
  <issue id="2023-1192" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>vkarasulli</packager>
  <reboot_needed/>
  <description>
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

- CVE-2023-1206: Fixed a hash collision flaw in the IPv6 connection lookup table. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95% (bsc#1212703).
- CVE-2023-42753: Fixed an array indexing vulnerability in the netfilter subsystem. This issue may have allowed a local user to crash the system or potentially escalate their privileges on the system. (bsc#1215150)
- CVE-2023-4389: Fixed a a double decrement of the reference count flaw in the btrfs filesystem a double decrement of the reference count, which may have allowed a local attacker with user privilege to crash the system or may lead to leaked internal kernel information. (bsc#1214351)
- CVE-2023-4921: Fixed a use-after-free vulnerability in the sch_qfq component which could be exploited to achieve local privilege escalation. (bsc#1215275)
- CVE-2023-23454: Fixed a type-confusion in the CBQ network scheduler (bsc#1207036).
- CVE-2023-4004: Fixed improper element removal netfilter nft_set_pipapo (bsc#1213812).
- CVE-2023-4622: Fixed a use-after-free vulnerability in the af_unix component which could be exploited to achieve local privilege escalation. (bsc#1215117)
- CVE-2023-4623: Fixed a use-after-free issue in the HFSC network scheduler which could be exploited to achieve local privilege escalation (bsc#1215115).
- CVE-2020-36766: Fixed an issue in drivers/media/cec/core/cec-api.c which could leaks one byte of kernel memory on specific hardware to unprivileged users. (bsc#1215299)
- CVE-2023-1859: Fixed a use-after-free flaw in Xen transport for 9pfs. This flaw could allow a local attacker to crash the system due to a race problem, possibly leading to a kernel information leak. (bsc#1210169)
- CVE-2023-2177: Fixed a null pointer dereference issue in the sctp network protocol which could allow a user to crash the system or potentially cause a denial of service. (bsc#1210643)
- CVE-2023-4881: Fixed a out-of-bounds write flaw in the netfilter subsystem that could lead to potential information disclosure or a denial of service (bsc#1215221).
- CVE-2023-40283: Fixed use-after-free in l2cap_sock_ready_cb (bsc#1214233).
- CVE-2023-1192: Fixed use-after-free in cifs_demultiplex_thread() (bsc#1208995).

The following non-security bugs were fixed:

- bnx2x: new flag for track HW resource allocation (bsc#1202845 bsc#1215322).
- locking/rwsem: Disable reader optimistic spinning (bnc#1176588).
- mkspec: Allow unsupported KMPs (bsc#1214386)
- scsi: qedf: Add synchronization between I/O completions and abort (bsc#1210658).
- x86/pkeys: Revert a5eff7259790 ("x86/pkeys: Add PKRU value to init_fpstate") (bsc#1215356).
- x86/srso: Do not probe microcode in a guest (git-fixes).
- x86/srso: Fix SBPB enablement for spec_rstack_overflow=off (git-fixes).
- x86/srso: Fix srso_show_state() side effect (git-fixes).
- x86/srso: Set CPUID feature bits independently of bug or mitigation status (git-fixes).
</description>
<summary>Security update for the Linux Kernel</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places