Security update for the Linux Kernel

Announcement ID:	SUSE-SU-2023:4031-1
Rating:	important
References:	bsc#1065729 bsc#1109837 bsc#1152446 bsc#1154048 bsc#1207168 bsc#1208995 bsc#1210169 bsc#1212703 bsc#1213016 bsc#1214157 bsc#1214380 bsc#1214386 bsc#1214586 bsc#1214940 bsc#1214943 bsc#1214945 bsc#1214946 bsc#1214948 bsc#1214949 bsc#1214950 bsc#1214952 bsc#1214953 bsc#1214961 bsc#1214962 bsc#1214964 bsc#1214965 bsc#1214966 bsc#1214967 bsc#1215115 bsc#1215117 bsc#1215121 bsc#1215122 bsc#1215136 bsc#1215149 bsc#1215152 bsc#1215162 bsc#1215164 bsc#1215165 bsc#1215207 bsc#1215221 bsc#1215275 bsc#1215299 bsc#1215467 bsc#1215607 bsc#1215634 bsc#1215858 bsc#1215860 bsc#1215861 bsc#1215877 bsc#1215897 bsc#1215898 bsc#1215954 jsc#PED-5021
Cross-References:	CVE-2020-36766 CVE-2023-0394 CVE-2023-1192 CVE-2023-1206 CVE-2023-1859 CVE-2023-39192 CVE-2023-39193 CVE-2023-39194 CVE-2023-42754 CVE-2023-4622 CVE-2023-4623 CVE-2023-4881 CVE-2023-4921
CVSS scores:	CVE-2020-36766 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2020-36766 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2023-0394 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2023-0394 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-1192 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-1192 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-1206 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2023-1206 ( NVD ): 5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-1859 ( SUSE ): 1.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L CVE-2023-1859 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-39192 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H CVE-2023-39192 ( NVD ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H CVE-2023-39193 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L CVE-2023-39193 ( NVD ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H CVE-2023-39194 ( SUSE ): 3.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N CVE-2023-39194 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N CVE-2023-42754 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-42754 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-4622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-4622 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-4623 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-4623 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-4881 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L CVE-2023-4881 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H CVE-2023-4921 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-4921 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:	SUSE Linux Enterprise High Availability Extension 12 SP5 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12-SP5 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Software Development Kit 12 SP5 SUSE Linux Enterprise Workstation Extension 12 12-SP5

An update that solves 13 vulnerabilities, contains one feature and has 39 security fixes can now be installed.

Description:

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

• CVE-2023-39192: Fixed an out of bounds read in the netfilter (bsc#1215858).
• CVE-2023-39193: Fixed an out of bounds read in the xtables subsystem (bsc#1215860).
• CVE-2023-39194: Fixed an out of bounds read in the XFRM subsystem (bsc#1215861).
• CVE-2023-42754: Fixed a NULL pointer dereference in the IPv4 stack that could lead to denial of service (bsc#1215467).
• CVE-2023-1206: Fixed a hash collision flaw in the IPv6 connection lookup table which could be exploited by network adjacent attackers, increasing CPU usage by 95% (bsc#1212703).
• CVE-2023-4921: Fixed a use-after-free vulnerability in the QFQ network scheduler which could be exploited to achieve local privilege escalation (bsc#1215275).
• CVE-2023-0394: Fixed a NULL pointer dereference in the IPv6 stack that could lead to denial of service (bsc#1207168).
• CVE-2023-4622: Fixed a use-after-free vulnerability in the Unix domain sockets component which could be exploited to achieve local privilege escalation (bsc#1215117).
• CVE-2023-4623: Fixed a use-after-free issue in the HFSC network scheduler which could be exploited to achieve local privilege escalation (bsc#1215115).
• CVE-2020-36766: Fixed a potential information leak in in the CEC driver (bsc#1215299).
• CVE-2023-1859: Fixed a use-after-free flaw in Xen transport for 9pfs which could be exploited to crash the system (bsc#1210169).
• CVE-2023-4881: Fixed a out-of-bounds write flaw in the netfilter subsystem that could lead to potential information disclosure or a denial of service (bsc#1215221).
• CVE-2023-1192: Fixed use-after-free in cifs_demultiplex_thread() (bsc#1208995).

The following non-security bugs were fixed:

• 9p/trans_virtio: Remove sysfs file on probe failure (git-fixes).
• Drivers: hv: vmbus: Do not dereference ACPI root object handle (git-fixes).
• Input: psmouse - fix OOB access in Elantech protocol (git-fixes).
• Input: raspberrypi-ts - fix refcount leak in rpi_ts_probe (git-fixes).
• Input: xpad - add constants for GIP interface numbers (git-fixes).
• Input: xpad - delete a Razer DeathAdder mouse VID/PID entry (git-fixes).
• KVM: s390: vsie: Fix the initialization of the epoch extension (epdx) field (git-fixes bsc#1215897).
• KVM: s390: vsie: fix the length of APCB bitmap (git-fixes bsc#1215898).
• NFS/pNFS: Report EINVAL errors from connect() to the server (git-fixes).
• NFSv4/pnfs: minor fix for cleanup path in nfs4_get_device_info (git-fixes).
• README: update rebuilding information (jsc#PED-5021).
• USB: serial: option: add FOXCONN T99W368/T99W373 product (git-fixes).
• USB: serial: option: add Quectel EM05G variant (0x030e) (git-fixes).
• VSOCK: handle VIRTIO_VSOCK_OP_CREDIT_REQUEST (git-fixes).
• arm64: insn: Fix ldadd instruction encoding (git-fixes)
• arm64: kgdb: Set PSTATE.SS to 1 to re-enable single-step (git-fixes)
• blacklist.conf: workqueue: compiler warning on 32-bit systems with Clang (bsc#1215877)
• blk-mq: Add blk_mq_delay_run_hw_queues() API call (bsc#1214586).
• blk-mq: In blk_mq_dispatch_rq_list() "no budget" is a reason to kick (bsc#1214586).
• blk-mq: Rerun dispatching in the case of budget contention (bsc#1214586).
• btrfs: output extra debug info on failure (bsc#1215136).
• config: do not incorrectly set CONFIG_BUILTIN_RETURN_ADDRESS_STRIPS_PAC (bsc#1214380).
• direct-io: allow direct writes to empty inodes (bsc#1215164).
• drm/ast: Fix DRAM init on AST2200 (bsc#1152446)
• drm/client: Fix memory leak in drm_client_target_cloned (bsc#1152446).
• drm/client: Send hotplug event after registering a client (bsc#1152446).
• drm/virtio: Fix GEM handle creation UAF (git-fixes).
• drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes (git-fixes).
• ext4: avoid deadlock in fs reclaim with page writeback (bsc#1213016).
• ext4: correct inline offset when handling xattrs in inode body (bsc#1214950).
• ext4: fix wrong unit use in ext4_mb_clear_bb (bsc#1214943).
• ext4: set goal start correctly in ext4_mb_normalize_request (bsc#1214940).
• fbcon: Fix null-ptr-deref in soft_cursor (bsc#1154048).
• fbdev: au1200fb: Fix missing IRQ check in au1200fb_drv_probe (bsc#1154048)
• fbdev: imxfb: warn about invalid left/right margin (bsc#1154048)
• fbdev: modedb: Add 1920x1080 at 60 Hz video mode (bsc#1154048)
• fbdev: omapfb: lcd_mipid: Fix an error handling path in (bsc#1154048).
• firmware: raspberrypi: Introduce devm_rpi_firmware_get() (git-fixes).
• firmware: raspberrypi: Keep count of all consumers (git-fixes).
• firmware: raspberrypi: fix possible memory leak in rpi_firmware_probe() (git-fixes).
• fs: avoid softlockups in s_inodes iterators (bsc#1215165).
• fuse: nlookup missing decrement in fuse_direntplus_link (bsc#1215607).
• hv_utils: Fix passing zero to 'PTR_ERR' warning (git-fixes).
• idr: fix param name in idr_alloc_cyclic() doc (bsc#1109837).
• jbd2: Fix wrongly judgement for buffer head removing while doing checkpoint (bsc#1214948).
• jbd2: check 'jh->b_transaction' before removing it from checkpoint (bsc#1214953).
• jbd2: fix a race when checking checkpoint buffer busy (bsc#1214949).
• jbd2: fix checkpoint cleanup performance regression (bsc#1214952).
• jbd2: recheck chechpointing non-dirty buffer (bsc#1214945).
• jbd2: remove t_checkpoint_io_list (bsc#1214946).
• jbd2: remove unused function '__cp_buffer_busy' (bsc#1215162).
• jbd2: restore t_checkpoint_io_list to maintain kABI (bsc#1214946).
• jbd2: simplify journal_clean_one_cp_list() (bsc#1215207).
• media: b2c2: Add missing check in flexcop_pci_isr: (git-fixes).
• media: cec-notifier: clear cec_adap in cec_notifier_unregister (git-fixes).
• media: cec: copy sequence field for the reply (git-fixes).
• media: cec: integrate cec_validate_phys_addr() in cec-api.c (git-fixes).
• media: cec: make cec_get_edid_spa_location() an inline function (git-fixes).
• media: flexcop-usb: fix NULL-ptr deref in flexcop_usb_transfer_init() (git-fixes).
• media: mceusb: return without resubmitting URB in case of -EPROTO error (git-fixes).
• media: s5p_cec: decrement usage count if disabled (git-fixes).
• media: uvcvideo: Increase UVC_CTRL_CONTROL_TIMEOUT to 5 seconds (git-fixes).
• mkspec: Allow unsupported KMPs (bsc#1214386)
• net/mlx5: Fix size field in bufferx_reg struct (git-fixes).
• net: accept UFOv6 packages in virtio_net_hdr_to_skb (git-fixes).
• net: check if protocol extracted by virtio_net_hdr_set_proto is correct (git-fixes).
• net: do not allow gso_size to be set to GSO_BY_FRAGS (git-fixes).
• net: ensure mac header is set in virtio_net_hdr_to_skb() (git-fixes).
• net: tap: NULL pointer derefence in dev_parse_header_protocol when skb->dev is null (git-fixes).
• net: usb: qmi_wwan: add Quectel EM05GV2 (git-fixes).
• net: virtio_vsock: Enhance connection semantics (git-fixes).
• nfsd: fix change_info in NFSv4 RENAME replies (git-fixes).
• powerpc/64s/exception: machine check use correct cfar for late handler (bsc#1065729).
• powerpc/iommu: Fix notifiers being shared by PCI and VIO buses (bsc#1065729).
• powerpc/xics: Remove unnecessary endian conversion (bsc#1065729).
• quota: Properly disable quotas when add_dquot_ref() fails (bsc#1214961).
• quota: fix warning in dqgrab() (bsc#1214962).
• remoteproc: Add missing '\n' in log messages (git-fixes).
• remoteproc: Fix NULL pointer dereference in rproc_virtio_notify (git-fixes).
• s390/dasd: fix hanging device after request requeue (LTC#203632 bsc#1215121).
• s390/zcrypt: do not leak memory if dev_set_name() fails (git-fixes bsc#1215152).
• s390: add z16 elf platform (LTC#203790 bsc#1215954).
• scsi: qla2xxx: Fix NULL vs IS_ERR() bug for debugfs_create_dir() (git-fixes).
• scsi: qla2xxx: Use raw_smp_processor_id() instead of smp_processor_id() (git-fixes).
• scsi: zfcp: reduce flood of fcrscn1 trace records on multi-element RSCN (git-fixes bsc#1215149).
• tools/virtio: fix the vringh test for virtio ring changes (git-fixes).
• tracing: Reverse the order of trace_types_lock and event_mutex (git-fixes bsc#1215634).
• udf: Fix extension of the last extent in the file (bsc#1214964).
• udf: Fix file corruption when appending just after end of preallocated extent (bsc#1214965).
• udf: Fix off-by-one error when discarding preallocation (bsc#1214966).
• udf: Fix uninitialized array access for some pathnames (bsc#1214967).
• usb: typec: altmodes/displayport: Add pin assignment helper (git-fixes).
• usb: typec: altmodes/displayport: Fix pin assignment calculation (git-fixes).
• vhost/net: Clear the pending messages when the backend is removed (git-fixes).
• vhost/test: stop device before reset (git-fixes).
• vhost/vsock: Fix error handling in vhost_vsock_init() (git-fixes).
• vhost: Do not call access_ok() when using IOTLB (git-fixes).
• vhost: Fix vhost_vq_reset() (git-fixes).
• vhost: Use vhost_get_used_size() in vhost_vring_set_addr() (git-fixes).
• vhost: fix range used in translate_desc() (git-fixes).
• vhost: introduce helpers to get the size of metadata area (git-fixes).
• vhost: missing __user tags (git-fixes).
• vhost: vsock: kick send_pkt worker once device is started (git-fixes).
• vhost_net: fix ubuf refcount incorrectly when sendmsg fails (git-fixes).
• virtio-gpu: fix a missing check to avoid NULL dereference (git-fixes).
• virtio-gpu: fix possible memory allocation failure (git-fixes).
• virtio-net: execute xdp_do_flush() before napi_complete_done() (git-fixes).
• virtio-net: fix race between ndo_open() and virtio_device_ready() (git-fixes).
• virtio-net: fix race between set queues and probe (git-fixes).
• virtio-net: fix the race between refill work and close (git-fixes).
• virtio-net: set queues after driver_ok (git-fixes).
• virtio-rng: make device ready before making request (git-fixes).
• virtio: acknowledge all features before access (git-fixes).
• virtio_balloon: prevent pfn array overflow (git-fixes).
• virtio_mmio: Add missing PM calls to freeze/restore (git-fixes).
• virtio_mmio: Restore guest page size on resume (git-fixes).
• virtio_net: Fix probe failed when modprobe virtio_net (git-fixes).
• virtio_net: Remove BUG() to avoid machine dead (git-fixes).
• virtio_net: add checking sq is full inside xdp xmit (git-fixes).
• virtio_net: fix memory leak inside XPD_TX with mergeable (git-fixes).
• virtio_net: reorder some funcs (git-fixes).
• virtio_net: separate the logic of checking whether sq is full (git-fixes).
• virtio_net: suppress cpu stall when free_unused_bufs (git-fixes).
• virtio_pci: Support surprise removal of virtio pci device (git-fixes).
• virtio_pci_modern: Fix the comment of virtio_pci_find_capability() (git-fixes).
• virtio_ring: Avoid loop when vq is broken in virtqueue_poll (git-fixes).
• vringh: Fix loop descriptors check in the indirect cases (git-fixes).
• vsock/virtio: avoid potential deadlock when vsock device remove (git-fixes).
• vsock/virtio: enable VQs early on probe (git-fixes).
• vsock/virtio: free queued packets when closing socket (git-fixes).
• vsock/virtio: update credit only if socket is not closed (git-fixes).
• word-at-a-time: use the same return type for has_zero regardless of endianness (bsc#1065729).
• x86/hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V setup fails (git-fixes).
• x86/srso: Do not probe microcode in a guest (git-fixes).
• x86/srso: Fix SBPB enablement for spec_rstack_overflow=off (git-fixes).
• x86/srso: Fix srso_show_state() side effect (git-fixes).
• x86/srso: Set CPUID feature bits independently of bug or mitigation status (git-fixes).
• xen: remove a confusing comment on auto-translated guest I/O (git-fixes).

Special Instructions and Notes:

• Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise Live Patching 12-SP5
  zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2023-4031=1
• SUSE Linux Enterprise Software Development Kit 12 SP5
  zypper in -t patch SUSE-SLE-SDK-12-SP5-2023-4031=1
• SUSE Linux Enterprise High Performance Computing 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2023-4031=1
• SUSE Linux Enterprise Server 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2023-4031=1
• SUSE Linux Enterprise Server for SAP Applications 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2023-4031=1 SUSE-SLE-HA-12-SP5-2023-4031=1
• SUSE Linux Enterprise Workstation Extension 12 12-SP5
  zypper in -t patch SUSE-SLE-WE-12-SP5-2023-4031=1
• SUSE Linux Enterprise High Availability Extension 12 SP5
  zypper in -t patch SUSE-SLE-HA-12-SP5-2023-4031=1

Package List:

• SUSE Linux Enterprise Live Patching 12-SP5 (nosrc)
  • kernel-default-4.12.14-122.179.1
• SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
  • kernel-default-kgraft-4.12.14-122.179.1
  • kernel-default-kgraft-devel-4.12.14-122.179.1
  • kernel-default-debugsource-4.12.14-122.179.1
  • kernel-default-debuginfo-4.12.14-122.179.1
  • kgraft-patch-4_12_14-122_179-default-1-8.3.1
• SUSE Linux Enterprise Software Development Kit 12 SP5 (noarch nosrc)
  • kernel-docs-4.12.14-122.179.1
• SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64)
  • kernel-obs-build-4.12.14-122.179.1
  • kernel-obs-build-debugsource-4.12.14-122.179.1
• SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 nosrc x86_64)
  • kernel-default-4.12.14-122.179.1
• SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64)
  • kernel-syms-4.12.14-122.179.1
  • kernel-default-base-debuginfo-4.12.14-122.179.1
  • kernel-default-devel-4.12.14-122.179.1
  • kernel-default-base-4.12.14-122.179.1
  • kernel-default-debugsource-4.12.14-122.179.1
  • kernel-default-debuginfo-4.12.14-122.179.1
• SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch)
  • kernel-devel-4.12.14-122.179.1
  • kernel-source-4.12.14-122.179.1
  • kernel-macros-4.12.14-122.179.1
• SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64)
  • kernel-default-devel-debuginfo-4.12.14-122.179.1
• SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64 nosrc)
  • kernel-default-4.12.14-122.179.1
• SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64)
  • kernel-syms-4.12.14-122.179.1
  • kernel-default-base-debuginfo-4.12.14-122.179.1
  • kernel-default-devel-4.12.14-122.179.1
  • kernel-default-base-4.12.14-122.179.1
  • kernel-default-debugsource-4.12.14-122.179.1
  • kernel-default-debuginfo-4.12.14-122.179.1
• SUSE Linux Enterprise Server 12 SP5 (noarch)
  • kernel-devel-4.12.14-122.179.1
  • kernel-source-4.12.14-122.179.1
  • kernel-macros-4.12.14-122.179.1
• SUSE Linux Enterprise Server 12 SP5 (s390x)
  • kernel-default-man-4.12.14-122.179.1
• SUSE Linux Enterprise Server 12 SP5 (x86_64)
  • kernel-default-devel-debuginfo-4.12.14-122.179.1
• SUSE Linux Enterprise Server for SAP Applications 12 SP5 (nosrc ppc64le x86_64)
  • kernel-default-4.12.14-122.179.1
• SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64)
  • gfs2-kmp-default-4.12.14-122.179.1
  • ocfs2-kmp-default-4.12.14-122.179.1
  • kernel-syms-4.12.14-122.179.1
  • dlm-kmp-default-4.12.14-122.179.1
  • cluster-md-kmp-default-4.12.14-122.179.1
  • dlm-kmp-default-debuginfo-4.12.14-122.179.1
  • cluster-md-kmp-default-debuginfo-4.12.14-122.179.1
  • kernel-default-base-debuginfo-4.12.14-122.179.1
  • ocfs2-kmp-default-debuginfo-4.12.14-122.179.1
  • kernel-default-devel-4.12.14-122.179.1
  • gfs2-kmp-default-debuginfo-4.12.14-122.179.1
  • kernel-default-base-4.12.14-122.179.1
  • kernel-default-debugsource-4.12.14-122.179.1
  • kernel-default-debuginfo-4.12.14-122.179.1
• SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch)
  • kernel-devel-4.12.14-122.179.1
  • kernel-source-4.12.14-122.179.1
  • kernel-macros-4.12.14-122.179.1
• SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64)
  • kernel-default-devel-debuginfo-4.12.14-122.179.1
• SUSE Linux Enterprise Workstation Extension 12 12-SP5 (nosrc)
  • kernel-default-4.12.14-122.179.1
• SUSE Linux Enterprise Workstation Extension 12 12-SP5 (x86_64)
  • kernel-default-extra-debuginfo-4.12.14-122.179.1
  • kernel-default-debugsource-4.12.14-122.179.1
  • kernel-default-debuginfo-4.12.14-122.179.1
  • kernel-default-extra-4.12.14-122.179.1
• SUSE Linux Enterprise High Availability Extension 12 SP5 (ppc64le s390x x86_64)
  • gfs2-kmp-default-4.12.14-122.179.1
  • ocfs2-kmp-default-4.12.14-122.179.1
  • dlm-kmp-default-4.12.14-122.179.1
  • cluster-md-kmp-default-4.12.14-122.179.1
  • dlm-kmp-default-debuginfo-4.12.14-122.179.1
  • cluster-md-kmp-default-debuginfo-4.12.14-122.179.1
  • ocfs2-kmp-default-debuginfo-4.12.14-122.179.1
  • gfs2-kmp-default-debuginfo-4.12.14-122.179.1
  • kernel-default-debugsource-4.12.14-122.179.1
  • kernel-default-debuginfo-4.12.14-122.179.1
• SUSE Linux Enterprise High Availability Extension 12 SP5 (nosrc)
  • kernel-default-4.12.14-122.179.1

References:

• https://www.suse.com/security/cve/CVE-2020-36766.html
• https://www.suse.com/security/cve/CVE-2023-0394.html
• https://www.suse.com/security/cve/CVE-2023-1192.html
• https://www.suse.com/security/cve/CVE-2023-1206.html
• https://www.suse.com/security/cve/CVE-2023-1859.html
• https://www.suse.com/security/cve/CVE-2023-39192.html
• https://www.suse.com/security/cve/CVE-2023-39193.html
• https://www.suse.com/security/cve/CVE-2023-39194.html
• https://www.suse.com/security/cve/CVE-2023-42754.html
• https://www.suse.com/security/cve/CVE-2023-4622.html
• https://www.suse.com/security/cve/CVE-2023-4623.html
• https://www.suse.com/security/cve/CVE-2023-4881.html
• https://www.suse.com/security/cve/CVE-2023-4921.html
• https://bugzilla.suse.com/show_bug.cgi?id=1065729
• https://bugzilla.suse.com/show_bug.cgi?id=1109837
• https://bugzilla.suse.com/show_bug.cgi?id=1152446
• https://bugzilla.suse.com/show_bug.cgi?id=1154048
• https://bugzilla.suse.com/show_bug.cgi?id=1207168
• https://bugzilla.suse.com/show_bug.cgi?id=12