A Linux Kernel security update has been released for openSUSE Leap 15.4/15.5 and SUSE Linux Enterprise.

SUSE-SU-2023:3392-1: important: Security update for the Linux Kernel

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2023:3392-1
Rating: important
References:

* #1206418
* #1207088
* #1210584
* #1211738
* #1211867
* #1212301
* #1212741
* #1212835
* #1213059
* #1213167
* #1213286
* #1213287
* #1213546
* #1213585
* #1213586
* #1213588
* #1213970
* #1214019

Cross-References:

* CVE-2022-40982
* CVE-2023-0459
* CVE-2023-20569
* CVE-2023-20593
* CVE-2023-2985
* CVE-2023-34319
* CVE-2023-35001
* CVE-2023-3567
* CVE-2023-3609
* CVE-2023-3611
* CVE-2023-3776
* CVE-2023-4133
* CVE-2023-4194

CVSS scores:

* CVE-2022-40982 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2022-40982 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2023-0459 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-0459 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-20569 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2023-20569 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-20593 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-20593 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-2985 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-2985 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-34319 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
* CVE-2023-35001 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-35001 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-3567 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-3567 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-3609 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-3609 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-3611 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-3611 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-3776 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-3776 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4133 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-4133 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-4194 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-4194 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE CaaS Platform 4.0
* SUSE Linux Enterprise High Availability Extension 15 SP1
* SUSE Linux Enterprise High Performance Computing 15 SP1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1
* SUSE Linux Enterprise Live Patching 15-SP1
* SUSE Linux Enterprise Server 15 SP1
* SUSE Linux Enterprise Server 15 SP1 Business Critical Linux 15-SP1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1
* SUSE Linux Enterprise Server for SAP Applications 15 SP1
* SUSE Manager Proxy 4.0
* SUSE Manager Retail Branch Server 4.0
* SUSE Manager Server 4.0

An update that solves 13 vulnerabilities and has five fixes can now be
installed.

## Description:

The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security
and bug fixes.

The following security bugs were fixed:

* CVE-2022-40982: Fixed a transient execution attack called "Gather Data Sampling" (bsc#1206418).
* CVE-2023-0459: Fixed an information leak in __uaccess_begin_nospec (bsc#1211738).
* CVE-2023-20569: Fixed the side channel attack 'Inception' or 'RAS Poisoning' (bsc#1213287).
* CVE-2023-20593: Fixed a ZenBleed issue in "Zen 2" CPUs that could allow an attacker to potentially access sensitive information (bsc#1213286).
* CVE-2023-2985: Fixed a use-after-free vulnerability in hfsplus_put_super in fs/hfsplus/super.c that could allow a local user to cause a denial of service (bsc#1211867).
* CVE-2023-34319: Fixed a buffer overrun triggered by an unusual packet in xen/netback (XSA-432) (bsc#1213546).
* CVE-2023-35001: Fixed an out-of-bounds memory access flaw in nft_byteorder that could allow a local attacker to escalate their privileges (bsc#1213059).
* CVE-2023-3567: Fixed a use-after-free in vcs_read in drivers/tty/vt/vc_screen.c (bsc#1213167).
* CVE-2023-3609: Fixed a reference counter leak leading to an overflow in net/sched (bsc#1213586).
* CVE-2023-3611: Fixed an out-of-bounds write in net/sched sch_qfq (bsc#1213585).
* CVE-2023-3776: Fixed an improper refcount update in cls_fw that leads to a use-after-free (bsc#1213588).
* CVE-2023-4133: Fixed use-after-free bugs caused by a circular dependency problem in cxgb4 (bsc#1213970).
* CVE-2023-4194: Fixed a type confusion in net tun_chr_open() (bsc#1214019).

The following non-security bugs were fixed:

* arm: spear: do not use timer namespace for timer_shutdown() function (bsc#1213970).
* clocksource/drivers/arm_arch_timer: do not use timer namespace for timer_shutdown() function (bsc#1213970).
* clocksource/drivers/sp804: do not use timer namespace for timer_shutdown() function (bsc#1213970).
* cpufeatures: allow adding more cpuid words
* get module prefix from kmod (bsc#1212835).
* kernel-binary.spec.in: remove superfluous %% in supplements. Fixes: 02b7735e0caf ("rpm/kernel-binary.spec.in: add enhances and supplements tags to in-tree kmps")
* kernel-docs: add buildrequires on python3-base when using python3. The python3 binary is provided by python3-base.
* kernel-docs: use python3 together with python3-sphinx (bsc#1212741).
* keys: change keyring_serialise_link_sem to a mutex (bsc#1207088).
* keys: fix linking a duplicate key to a keyring's assoc_array (bsc#1207088).
* keys: hoist locking out of __key_link_begin() (bsc#1207088).
* net/sched: sch_qfq: refactor parsing of netlink parameters (bsc#1213585).
* net: mana: add support for vlan tagging (bsc#1212301).
* README.BRANCH: add myself as co-maintainer
* remove more packaging cruft for SLE < 12 SP3
* rpm/check-for-config-changes: ignore also PAHOLE_HAS_*. We now also have options like CONFIG_PAHOLE_HAS_LANG_EXCLUDE.
* rpm/check-for-config-changes: ignore also RISCV_ISA_* and DYNAMIC_SIGFRAME. They depend on CONFIG_TOOLCHAIN_HAS_*.
* timers: add shutdown mechanism to the internal functions (bsc#1213970).
* timers: provide timer_shutdown_sync (bsc#1213970).
* timers: rename del_timer() to timer_delete() (bsc#1213970).
* timers: rename del_timer_sync() to timer_delete_sync() (bsc#1213970).
* timers: replace BUG_ON()s (bsc#1213970).
* timers: silently ignore timers with a null function (bsc#1213970).
* timers: split [try_to_]del_timer_sync to prepare for shutdown mode (bsc#1213970).
* timers: update kernel-doc for various functions (bsc#1213970).
* timers: use del_timer_sync() even on UP (bsc#1213970).
* ubi: ensure that VID header offset + VID header size <= alloc, size (bsc#1210584).
* ubi: fix failure attaching when vid_hdr offset equals to (sub)page size (bsc#1210584).
* usrmerge: Adjust module path in the kernel sources (bsc#1212835).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE Important update, use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively, you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch openSUSE-SLE-15.4-2023-3392=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2023-3392=1

* SUSE Linux Enterprise Live Patching 15-SP1
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP1-2023-3392=1

* SUSE Linux Enterprise High Availability Extension 15 SP1
zypper in -t patch SUSE-SLE-Product-HA-15-SP1-2023-3392=1

* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-3392=1

* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-3392=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP1
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2023-3392=1

* SUSE CaaS Platform 4.0
To install this update, use the SUSE CaaS Platform 'skuba' tool. It will inform
you if it detects new updates and let you then trigger updating of the complete
cluster in a controlled way.
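Because the fix only takes effect once the patched kernel is running (hence the reboot note above), a quick check of `uname -r` against the shipped build is useful after patching. The script below is an added example, not part of the SUSE advisory; it assumes, based on the kernel-livepatch-4_12_14-150100_197_154-default package name, that `uname -r` reports the package version without its trailing rpm build counter and with the flavour appended, e.g. 4.12.14-150100.197.154-default.

```shell
#!/bin/sh
# Added example (not from the SUSE advisory): report whether the running
# SLE 15 SP1 kernel is at or above the build shipped by SUSE-SU-2023:3392-1.
# Package version is 4.12.14-150100.197.154.1; the assumed `uname -r` layout
# is the same numbers minus the final rpm build counter, plus a flavour.

FIXED_KERNEL="4.12.14-150100.197.154"

# kernel_base: drop a non-numeric flavour suffix (-default, -kvmsmall, ...)
# and turn remaining dashes into dots so that every field is numeric.
kernel_base() {
    k="$1"
    case "${k##*-}" in
        *[!0-9.]*) k=${k%-*} ;;
    esac
    printf '%s\n' "$k" | tr '-' '.'
}

# vercmp A B: field-by-field numeric compare of dotted version strings.
# Prints "lt", "eq" or "gt"; missing trailing fields count as 0.
vercmp() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        if [ "$x" = "$a" ]; then a=""; else a=${a#*.}; fi
        if [ "$y" = "$b" ]; then b=""; else b=${b#*.}; fi
        x=${x:-0}; y=${y:-0}
        if [ "$x" -lt "$y" ]; then echo lt; return; fi
        if [ "$x" -gt "$y" ]; then echo gt; return; fi
    done
    echo eq
}

# kernel_is_fixed UNAME_R: prints "fixed" when the running kernel is at or
# above the patched build, "vulnerable" otherwise.
kernel_is_fixed() {
    if [ "$(vercmp "$(kernel_base "$1")" "$(kernel_base "$FIXED_KERNEL")")" = lt ]; then
        echo vulnerable
    else
        echo fixed
    fi
}

printf 'running kernel %s: %s\n' "$(uname -r)" "$(kernel_is_fixed "$(uname -r)")"
```

On Live Patching hosts the kernel-livepatch-4_12_14-150100_197_154-default package can carry the fix into a running kernel whose `uname -r` still shows an older build, so treat "vulnerable" as a prompt to check the installed packages with `rpm -q` before scheduling the reboot.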

## Package List:

* openSUSE Leap 15.4 (nosrc)
* kernel-kvmsmall-4.12.14-150100.197.154.1
* kernel-default-4.12.14-150100.197.154.1
* kernel-debug-4.12.14-150100.197.154.1
* kernel-zfcpdump-4.12.14-150100.197.154.1
* openSUSE Leap 15.4 (ppc64le x86_64)
* kernel-debug-base-debuginfo-4.12.14-150100.197.154.1
* kernel-debug-base-4.12.14-150100.197.154.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
* kernel-vanilla-devel-4.12.14-150100.197.154.1
* kernel-vanilla-base-debuginfo-4.12.14-150100.197.154.1
* kernel-vanilla-debuginfo-4.12.14-150100.197.154.1
* kernel-vanilla-livepatch-devel-4.12.14-150100.197.154.1
* kernel-vanilla-debugsource-4.12.14-150100.197.154.1
* kernel-default-base-debuginfo-4.12.14-150100.197.154.1
* kernel-vanilla-devel-debuginfo-4.12.14-150100.197.154.1
* kernel-vanilla-base-4.12.14-150100.197.154.1
* openSUSE Leap 15.4 (x86_64)
* kernel-kvmsmall-base-debuginfo-4.12.14-150100.197.154.1
* kernel-kvmsmall-base-4.12.14-150100.197.154.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 nosrc)
* kernel-vanilla-4.12.14-150100.197.154.1
* openSUSE Leap 15.4 (s390x)
* kernel-default-man-4.12.14-150100.197.154.1
* kernel-zfcpdump-man-4.12.14-150100.197.154.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 nosrc)
* kernel-vanilla-4.12.14-150100.197.154.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* kernel-vanilla-devel-4.12.14-150100.197.154.1
* kernel-vanilla-base-debuginfo-4.12.14-150100.197.154.1
* kernel-vanilla-debuginfo-4.12.14-150100.197.154.1
* kernel-vanilla-livepatch-devel-4.12.14-150100.197.154.1
* kernel-vanilla-debugsource-4.12.14-150100.197.154.1
* kernel-vanilla-devel-debuginfo-4.12.14-150100.197.154.1
* kernel-vanilla-base-4.12.14-150100.197.154.1
* SUSE Linux Enterprise Live Patching 15-SP1 (nosrc)
* kernel-default-4.12.14-150100.197.154.1
* SUSE Linux Enterprise Live Patching 15-SP1 (ppc64le x86_64)
* kernel-default-debuginfo-4.12.14-150100.197.154.1
* kernel-default-debugsource-4.12.14-150100.197.154.1
* kernel-default-livepatch-4.12.14-150100.197.154.1
* kernel-default-livepatch-devel-4.12.14-150100.197.154.1
* kernel-livepatch-4_12_14-150100_197_154-default-1-150100.3.3.1
* SUSE Linux Enterprise High Availability Extension 15 SP1 (aarch64 ppc64le s390x x86_64)
* gfs2-kmp-default-debuginfo-4.12.14-150100.197.154.1
* kernel-default-debuginfo-4.12.14-150100.197.154.1
* kernel-default-debugsource-4.12.14-150100.197.154.1
* ocfs2-kmp-default-debuginfo-4.12.14-150100.197.154.1
* dlm-kmp-default-debuginfo-4.12.14-150100.197.154.1
* gfs2-kmp-default-4.12.14-150100.197.154.1
* cluster-md-kmp-default-4.12.14-150100.197.154.1
* ocfs2-kmp-default-4.12.14-150100.197.154.1
* cluster-md-kmp-default-debuginfo-4.12.14-150100.197.154.1
* dlm-kmp-default-4.12.14-150100.197.154.1
* SUSE Linux Enterprise High Availability Extension 15 SP1 (nosrc)
* kernel-default-4.12.14-150100.197.154.1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (aarch64 nosrc x86_64)
* kernel-default-4.12.14-150100.197.154.1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (aarch64 x86_64)
* kernel-obs-build-debugsource-4.12.14-150100.197.154.1
* kernel-default-debuginfo-4.12.14-150100.197.154.1
* kernel-default-debugsource-4.12.14-150100.197.154.1
* kernel-default-devel-debuginfo-4.12.14-150100.197.154.1
* kernel-default-devel-4.12.14-150100.197.154.1
* kernel-default-base-debuginfo-4.12.14-150100.197.154.1
* kernel-syms-4.12.14-150100.197.154.1
* kernel-default-base-4.12.14-150100.197.154.1
* kernel-obs-build-4.12.14-150100.197.154.1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (noarch)
* kernel-source-4.12.14-150100.197.154.1
* kernel-macros-4.12.14-150100.197.154.1
* kernel-devel-4.12.14-150100.197.154.1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (noarch nosrc)
* kernel-docs-4.12.14-150100.197.154.1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (aarch64 ppc64le s390x x86_64 nosrc)
* kernel-default-4.12.14-150100.197.154.1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (aarch64 ppc64le s390x x86_64)
* kernel-obs-build-debugsource-4.12.14-150100.197.154.1
* reiserfs-kmp-default-4.12.14-150100.197.154.1
* kernel-default-debuginfo-4.12.14-150100.197.154.1
* kernel-default-debugsource-4.12.14-150100.197.154.1
* kernel-default-devel-debuginfo-4.12.14-150100.197.154.1
* kernel-default-devel-4.12.14-150100.197.154.1
* kernel-default-base-debuginfo-4.12.14-150100.197.154.1
* reiserfs-kmp-default-debuginfo-4.12.14-150100.197.154.1
* kernel-syms-4.12.14-150100.197.154.1
* kernel-default-base-4.12.14-150100.197.154.1
* kernel-obs-build-4.12.14-150100.197.154.1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (noarch)
* kernel-source-4.12.14-150100.197.154.1
* kernel-macros-4.12.14-150100.197.154.1
* kernel-devel-4.12.14-150100.197.154.1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (noarch nosrc)
* kernel-docs-4.12.14-150100.197.154.1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (s390x)
* kernel-default-man-4.12.14-150100.197.154.1
* kernel-zfcpdump-debugsource-4.12.14-150100.197.154.1
* kernel-zfcpdump-debuginfo-4.12.14-150100.197.154.1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (nosrc)
* kernel-zfcpdump-4.12.14-150100.197.154.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP1 (nosrc ppc64le x86_64)
* kernel-default-4.12.14-150100.197.154.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP1 (ppc64le x86_64)
* kernel-obs-build-debugsource-4.12.14-150100.197.154.1
* reiserfs-kmp-default-4.12.14-150100.197.154.1
* kernel-default-debuginfo-4.12.14-150100.197.154.1
* kernel-default-debugsource-4.12.14-150100.197.154.1
* kernel-default-devel-debuginfo-4.12.14-150100.197.154.1
* kernel-default-devel-4.12.14-150100.197.154.1
* kernel-default-base-debuginfo-4.12.14-150100.197.154.1
* reiserfs-kmp-default-debuginfo-4.12.14-150100.197.154.1
* kernel-syms-4.12.14-150100.197.154.1
* kernel-default-base-4.12.14-150100.197.154.1
* kernel-obs-build-4.12.14-150100.197.154.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP1 (noarch)
* kernel-source-4.12.14-150100.197.154.1
* kernel-macros-4.12.14-150100.197.154.1
* kernel-devel-4.12.14-150100.197.154.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP1 (noarch nosrc)
* kernel-docs-4.12.14-150100.197.154.1
* SUSE CaaS Platform 4.0 (nosrc x86_64)
* kernel-default-4.12.14-150100.197.154.1
* SUSE CaaS Platform 4.0 (x86_64)
* kernel-obs-build-debugsource-4.12.14-150100.197.154.1
* reiserfs-kmp-default-4.12.14-150100.197.154.1
* kernel-default-debuginfo-4.12.14-150100.197.154.1
* kernel-default-debugsource-4.12.14-150100.197.154.1
* kernel-default-devel-debuginfo-4.12.14-150100.197.154.1
* kernel-default-devel-4.12.14-150100.197.154.1
* kernel-default-base-debuginfo-4.12.14-150100.197.154.1
* reiserfs-kmp-default-debuginfo-4.12.14-150100.197.154.1
* kernel-syms-4.12.14-150100.197.154.1
* kernel-default-base-4.12.14-150100.197.154.1
* kernel-obs-build-4.12.14-150100.197.154.1
* SUSE CaaS Platform 4.0 (noarch)
* kernel-source-4.12.14-150100.197.154.1
* kernel-macros-4.12.14-150100.197.154.1
* kernel-devel-4.12.14-150100.197.154.1
* SUSE CaaS Platform 4.0 (noarch nosrc)
* kernel-docs-4.12.14-150100.197.154.1

## References:

* https://www.suse.com/security/cve/CVE-2022-40982.html
* https://www.suse.com/security/cve/CVE-2023-0459.html
* https://www.suse.com/security/cve/CVE-2023-20569.html
* https://www.suse.com/security/cve/CVE-2023-20593.html
* https://www.suse.com/security/cve/CVE-2023-2985.html
* https://www.suse.com/security/cve/CVE-2023-34319.html
* https://www.suse.com/security/cve/CVE-2023-35001.html
* https://www.suse.com/security/cve/CVE-2023-3567.html
* https://www.suse.com/security/cve/CVE-2023-3609.html
* https://www.suse.com/security/cve/CVE-2023-3611.html
* https://www.suse.com/security/cve/CVE-2023-3776.html
* https://www.suse.com/security/cve/CVE-2023-4133.html
* https://www.suse.com/security/cve/CVE-2023-4194.html
* https://bugzilla.suse.com/show_bug.cgi?id=1206418
* https://bugzilla.suse.com/show_bug.cgi?id=1207088
* https://bugzilla.suse.com/show_bug.cgi?id=1210584
* https://bugzilla.suse.com/show_bug.cgi?id=1211738
* https://bugzilla.suse.com/show_bug.cgi?id=1211867
* https://bugzilla.suse.com/show_bug.cgi?id=1212301
* https://bugzilla.suse.com/show_bug.cgi?id=1212741
* https://bugzilla.suse.com/show_bug.cgi?id=1212835
* https://bugzilla.suse.com/show_bug.cgi?id=1213059
* https://bugzilla.suse.com/show_bug.cgi?id=1213167
* https://bugzilla.suse.com/show_bug.cgi?id=1213286
* https://bugzilla.suse.com/show_bug.cgi?id=1213287
* https://bugzilla.suse.com/show_bug.cgi?id=1213546
* https://bugzilla.suse.com/show_bug.cgi?id=1213585
* https://bugzilla.suse.com/show_bug.cgi?id=1213586
* https://bugzilla.suse.com/show_bug.cgi?id=1213588
* https://bugzilla.suse.com/show_bug.cgi?id=1213970
* https://bugzilla.suse.com/show_bug.cgi?id=1214019