{"affected":[{"ecosystem_specific":{"binaries":[{"cluster-md-kmp-default":"4.12.14-122.183.1","dlm-kmp-default":"4.12.14-122.183.1","gfs2-kmp-default":"4.12.14-122.183.1","ocfs2-kmp-default":"4.12.14-122.183.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Availability Extension 12 SP5","name":"kernel-default","purl":"pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.12.14-122.183.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default-kgraft":"4.12.14-122.183.1","kernel-default-kgraft-devel":"4.12.14-122.183.1","kgraft-patch-4_12_14-122_183-default":"1-8.3.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Live Patching 12 SP5","name":"kernel-default","purl":"pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.12.14-122.183.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default-kgraft":"4.12.14-122.183.1","kernel-default-kgraft-devel":"4.12.14-122.183.1","kgraft-patch-4_12_14-122_183-default":"1-8.3.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Live Patching 12 SP5","name":"kgraft-patch-SLE12-SP5_Update_50","purl":"pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_50&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1-8.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-docs":"4.12.14-122.183.1","kernel-obs-build":"4.12.14-122.183.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP5","name":"kernel-docs","purl":"pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.12.14-122.183.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-docs":"4.12.14-122.183.1","kernel-obs-build":"4.12.14-122.183.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP5","name":"kernel-obs-build","purl":"pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.12.14-122.183.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default":"4.12.14-122.183.1","kernel-default-base":"4.12.14-122.183.1","kernel-default-devel":"4.12.14-122.183.1","kernel-default-man":"4.12.14-122.183.1","kernel-devel":"4.12.14-122.183.1","kernel-macros":"4.12.14-122.183.1","kernel-source":"4.12.14-122.183.1","kernel-syms":"4.12.14-122.183.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP5","name":"kernel-default","purl":"pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.12.14-122.183.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default":"4.12.14-122.183.1","kernel-default-base":"4.12.14-122.183.1","kernel-default-devel":"4.12.14-122.183.1","kernel-default-man":"4.12.14-122.183.1","kernel-devel":"4.12.14-122.183.1","kernel-macros":"4.12.14-122.183.1","kernel-source":"4.12.14-122.183.1","kernel-syms":"4.12.14-122.183.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP5","name":"kernel-source","purl":"pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.12.14-122.183.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default":"4.12.14-122.183.1","kernel-default-base":"4.12.14-122.183.1","kernel-default-devel":"4.12.14-122.183.1","kernel-default-man":"4.12.14-122.183.1","kernel-devel":"4.12.14-122.183.1","kernel-macros":"4.12.14-122.183.1","kernel-source":"4.12.14-122.183.1","kernel-syms":"4.12.14-122.183.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP5","name":"kernel-syms","purl":"pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.12.14-122.183.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default":"4.12.14-122.183.1","kernel-default-base":"4.12.14-122.183.1","kernel-default-devel":"4.12.14-122.183.1","kernel-default-man":"4.12.14-122.183.1","kernel-devel":"4.12.14-122.183.1","kernel-macros":"4.12.14-122.183.1","kernel-source":"4.12.14-122.183.1","kernel-syms":"4.12.14-122.183.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP5","name":"kernel-default","purl":"pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.12.14-122.183.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default":"4.12.14-122.183.1","kernel-default-base":"4.12.14-122.183.1","kernel-default-devel":"4.12.14-122.183.1","kernel-default-man":"4.12.14-122.183.1","kernel-devel":"4.12.14-122.183.1","kernel-macros":"4.12.14-122.183.1","kernel-source":"4.12.14-122.183.1","kernel-syms":"4.12.14-122.183.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP5","name":"kernel-source","purl":"pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.12.14-122.183.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default":"4.12.14-122.183.1","kernel-default-base":"4.12.14-122.183.1","kernel-default-devel":"4.12.14-122.183.1","kernel-default-man":"4.12.14-122.183.1","kernel-devel":"4.12.14-122.183.1","kernel-macros":"4.12.14-122.183.1","kernel-source":"4.12.14-122.183.1","kernel-syms":"4.12.14-122.183.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP5","name":"kernel-syms","purl":"pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.12.14-122.183.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default-extra":"4.12.14-122.183.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Workstation Extension 12 SP5","name":"kernel-default","purl":"pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.12.14-122.183.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"\nThe SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2023-31085: Fixed a divide-by-zero error in do_div(sz,mtd->erasesize) that could cause a local DoS. (bsc#1210778)\n- CVE-2023-45862: Fixed an issue in the ENE UB6250 reader driver whwere an object could potentially extend beyond the end of an allocation causing. (bsc#1216051)\n- CVE-2023-34324: Fixed a possible deadlock in Linux kernel event handling. (bsc#1215745).\n- CVE-2023-39189: Fixed a flaw in the Netfilter subsystem that could allow a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure. (bsc#1216046)\n\nThe following non-security bugs were fixed:\n\n- 9p: virtio: make sure 'offs' is initialized in zc_request (git-fixes).\n- audit: fix potential double free on error path from fsnotify_add_inode_mark (git-fixes).\n- CKC: Clarify usage\n- crypto: virtio: Fix use-after-free in virtio_crypto_skcipher_finalize_req() (git-fixes).\n- iommu/amd: Fix IOMMU interrupt generation in X2APIC mode (bsc#1206010).\n- iommu/amd: Remove useless irq affinity notifier (bsc#1206010).\n- iommu/amd: Set iommu->int_enabled consistently when interrupts are set up (bsc#1206010).\n- kabi: iommu/amd: Fix IOMMU interrupt generation in X2APIC mode (bsc#1206010).\n- KVM: s390: fix sthyi error handling (git-fixes bsc#1216107).\n- memcg: drop kmem.limit_in_bytes (bsc#1208788)\n- mm, memcg: reconsider kmem.limit_in_bytes deprecation (bsc#1208788 bsc#1213705).\n- net: usb: dm9601: fix uninitialized variable use in dm9601_mdio_read (git-fixes).\n- net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg (git-fixes).\n- ratelimit: Fix data-races in ___ratelimit() (git-fixes).\n- ring-buffer: Fix bytes info in per_cpu buffer stats (git-fixes).\n- s390/pci: fix iommu bitmap allocation (git-fixes bsc#1216513).\n- s390/ptrace: fix setting syscall number (git-fixes bsc#1216340).\n- s390/vdso: add missing FORCE to build targets (git-fixes bsc#1216140).\n- s390/zcrypt: change reply buffer size offering (LTC#203322 bsc#1213950).\n- s390/zcrypt: fix reply buffer calculations for CCA replies (LTC#203322 bsc#1213950).\n- sched: Avoid scale real weight down to zero (git fixes (sched)).\n- sched: correct SD_flags returned by tl->sd_flags() (git fixes (sched)).\n- sched: Reenable interrupts in do_sched_yield() (git fixes (sched)).\n- sched/core: Fix migration to invalid CPU in __set_cpus_allowed_ptr() (git fixes (sched)).\n- sched/core: Mitigate race cpus_share_cache()/update_top_cache_domain() (git fixes (sched)).\n- sched/fair: Do not balance task to its current running CPU (git fixes (sched)).\n- sched/rt: Minimize rq->lock contention in do_sched_rt_period_timer() (git fixes (sched)).\n- sched/rt: Restore rt_runtime after disabling RT_RUNTIME_SHARE (git fixes (sched)).\n- scsi: zfcp: Defer fc_rport blocking until after ADISC response (LTC#203327 bsc#1213977 git-fixes).\n- scsi: zfcp: Fix a double put in zfcp_port_enqueue() (git-fixes bsc#1216514).\n- tools/thermal: Fix possible path truncations (git-fixes).\n- tracing: Fix cpu buffers unavailable due to 'record_disabled' missed (git-fixes).\n- tracing: Fix memleak due to race between current_tracer and trace (git-fixes).\n- tracing: Fix race issue between cpu buffer write and swap (git-fixes).\n- uas: Add US_FL_NO_REPORT_OPCODES for JMicron JMS583Gen 2 (git-fixes).\n- usb: serial: cp210x: add Silicon Labs IFS-USB-DATACABLE IDs (git-fixes).\n- usb: typec: altmodes/displayport: Fix configure initial pin assignment (git-fixes).\n- usb: typec: altmodes/displayport: fix pin_assignment_show (git-fixes).\n- use optional first argument as a base-ref instead of upstream branch\n- vhost-scsi: unbreak any layout for response (git-fixes).\n- virtio_balloon: fix deadlock on OOM (git-fixes).\n- virtio_balloon: fix increment of vb->num_pfns in fill_balloon() (git-fixes).\n- virtio_net: Fix error unwinding of XDP initialization (git-fixes).\n- virtio: Protect vqs list access (git-fixes).\n- vsock/virtio: add transport parameter to the virtio_transport_reset_no_sock() (git-fixes).\n- xen-netback: use default TX queue size for vifs (git-fixes).\n- xen/x86: obtain full video frame buffer address for Dom0 also under EFI (bsc#1215743).\n- xen/x86: obtain upper 32 bits of video frame buffer address for Dom0 (bsc#1215743).\n","id":"SUSE-SU-2023:4349-1","modified":"2023-11-02T14:40:35Z","published":"2023-11-02T14:40:35Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2023/suse-su-20234349-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1206010"},{"type":"REPORT","url":"https://bugzilla.suse.com/1208788"},{"type":"REPORT","url":"https://bugzilla.suse.com/1210778"},{"type":"REPORT","url":"https://bugzilla.suse.com/1213705"},{"type":"REPORT","url":"https://bugzilla.suse.com/1213950"},{"type":"REPORT","url":"https://bugzilla.suse.com/1213977"},{"type":"REPORT","url":"https://bugzilla.suse.com/1215743"},{"type":"REPORT","url":"https://bugzilla.suse.com/1215745"},{"type":"REPORT","url":"https://bugzilla.suse.com/1216046"},{"type":"REPORT","url":"https://bugzilla.suse.com/1216051"},{"type":"REPORT","url":"https://bugzilla.suse.com/1216107"},{"type":"REPORT","url":"https://bugzilla.suse.com/1216140"},{"type":"REPORT","url":"https://bugzilla.suse.com/1216340"},{"type":"REPORT","url":"https://bugzilla.suse.com/1216513"},{"type":"REPORT","url":"https://bugzilla.suse.com/1216514"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-31085"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-34324"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-39189"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-45862"}],"related":["CVE-2023-31085","CVE-2023-34324","CVE-2023-39189","CVE-2023-45862"],"summary":"Security update for the Linux Kernel","upstream":["CVE-2023-31085","CVE-2023-34324","CVE-2023-39189","CVE-2023-45862"]}