Security update for the Linux Kernel

Announcement ID:	SUSE-SU-2023:1710-1
Rating:	important
References:	bsc#1166486 bsc#1177529 bsc#1193629 bsc#1197534 bsc#1197617 bsc#1198438 bsc#1202353 bsc#1202633 bsc#1203200 bsc#1203331 bsc#1203332 bsc#1204363 bsc#1204993 bsc#1205544 bsc#1205846 bsc#1206103 bsc#1206224 bsc#1206232 bsc#1206459 bsc#1206492 bsc#1206493 bsc#1206640 bsc#1206824 bsc#1206876 bsc#1206877 bsc#1206878 bsc#1206880 bsc#1206881 bsc#1206882 bsc#1206883 bsc#1206884 bsc#1206885 bsc#1206886 bsc#1206889 bsc#1206894 bsc#1206935 bsc#1207051 bsc#1207270 bsc#1207328 bsc#1207529 bsc#1207560 bsc#1207588 bsc#1207589 bsc#1207590 bsc#1207591 bsc#1207592 bsc#1207593 bsc#1207594 bsc#1207603 bsc#1207605 bsc#1207606 bsc#1207607 bsc#1207608 bsc#1207609 bsc#1207610 bsc#1207613 bsc#1207615 bsc#1207617 bsc#1207618 bsc#1207619 bsc#1207620 bsc#1207621 bsc#1207623 bsc#1207624 bsc#1207625 bsc#1207626 bsc#1207628 bsc#1207630 bsc#1207631 bsc#1207632 bsc#1207634 bsc#1207635 bsc#1207636 bsc#1207638 bsc#1207639 bsc#1207641 bsc#1207642 bsc#1207643 bsc#1207644 bsc#1207645 bsc#1207646 bsc#1207647 bsc#1207648 bsc#1207651 bsc#1207653 bsc#1207770 bsc#1207773 bsc#1207845 bsc#1207875 bsc#1208149 bsc#1208153 bsc#1208179 bsc#1208183 bsc#1208212 bsc#1208290 bsc#1208420 bsc#1208428 bsc#1208429 bsc#1208449 bsc#1208534 bsc#1208541 bsc#1208570 bsc#1208598 bsc#1208599 bsc#1208601 bsc#1208603 bsc#1208605 bsc#1208607 bsc#1208628 bsc#1208700 bsc#1208741 bsc#1208759 bsc#1208776 bsc#1208777 bsc#1208784 bsc#1208787 bsc#1208816 bsc#1208837 bsc#1208843 bsc#1208848 bsc#1209008 bsc#1209159 bsc#1209188 bsc#1209256 bsc#1209258 bsc#1209262 bsc#1209291 bsc#1209436 bsc#1209457 bsc#1209504
Cross-References:	CVE-2022-3523 CVE-2022-36280 CVE-2022-38096 CVE-2023-0045 CVE-2023-0461 CVE-2023-0597 CVE-2023-1075 CVE-2023-1076 CVE-2023-1078 CVE-2023-1095 CVE-2023-1118 CVE-2023-22995 CVE-2023-22998 CVE-2023-23000 CVE-2023-23004 CVE-2023-23559 CVE-2023-25012 CVE-2023-26545 CVE-2023-28328
CVSS scores:	CVE-2022-3523 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2022-3523 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-36280 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-36280 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H CVE-2022-38096 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-38096 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-0045 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2023-0045 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2023-0461 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-0461 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-0597 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2023-0597 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2023-1075 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2023-1075 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2023-1076 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2023-1076 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N CVE-2023-1078 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-1078 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-1095 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2023-1095 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-1118 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-1118 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-22995 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVE-2023-22995 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-22998 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-22998 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-23000 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2023-23000 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-23004 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H CVE-2023-23004 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-23559 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L CVE-2023-23559 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-25012 ( SUSE ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2023-25012 ( NVD ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2023-26545 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-26545 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-28328 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-28328 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:	Basesystem Module 15-SP4 Development Tools Module 15-SP4 Legacy Module 15-SP4 openSUSE Leap 15.4 openSUSE Leap Micro 5.3 SUSE Linux Enterprise Desktop 15 SP4 SUSE Linux Enterprise High Availability Extension 15 SP4 SUSE Linux Enterprise High Performance Computing 15 SP4 SUSE Linux Enterprise Live Patching 15-SP4 SUSE Linux Enterprise Micro 5.3 SUSE Linux Enterprise Micro 5.4 SUSE Linux Enterprise Micro for Rancher 5.3 SUSE Linux Enterprise Micro for Rancher 5.4 SUSE Linux Enterprise Real Time 15 SP4 SUSE Linux Enterprise Server 15 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SP4 SUSE Linux Enterprise Workstation Extension 15 SP4 SUSE Manager Proxy 4.3 SUSE Manager Retail Branch Server 4.3 SUSE Manager Server 4.3

An update that solves 19 vulnerabilities and has 111 security fixes can now be installed.

Description:

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes.

CVE-2022-3523: Fixed a use after free related to device private page handling (bsc#1204363).
CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver (bsc#1203332).
CVE-2022-38096: Fixed NULL-ptr deref in vmw_cmd_dx_define_query() (bsc#1203331).
CVE-2023-0045: Fixed missing Flush IBP in ib_prctl_set (bsc#1207773).
CVE-2023-0461: Fixed use-after-free in icsk_ulp_data (bsc#1208787).
CVE-2023-0597: Fixed lack of randomization of per-cpu entry area in x86/mm (bsc#1207845).
CVE-2023-1075: Fixed a type confusion in tls_is_tx_ready (bsc#1208598).
CVE-2023-1076: Fixed incorrect UID assigned to tun/tap sockets (bsc#1208599).
CVE-2023-1078: Fixed a heap out-of-bounds write in rds_rm_zerocopy_callback (bsc#1208601).
CVE-2023-1095: Fixed a NULL pointer dereference in nf_tables due to zeroed list head (bsc#1208777).
CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim() in media/rc (bsc#1208837).
CVE-2023-22995: Fixed lacks of certain platform_device_put and kfree in drivers/usb/dwc3/dwc3-qcom.c (bsc#1208741).
CVE-2023-22998: Fixed NULL vs IS_ERR checking in virtio_gpu_object_shmem_init (bsc#1208776).
CVE-2023-23000: Fixed return value of tegra_xusb_find_port_node function phy/tegra (bsc#1208816).
CVE-2023-23004: Fixed misinterpretation of get_sg_table return value (bsc#1208843).
CVE-2023-23559: Fixed integer overflow in rndis_wlan that leads to a buffer overflow (bsc#1207051).
CVE-2023-25012: Fixed a use-after-free in bigben_set_led() (bsc#1207560).
CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208700).
CVE-2023-28328: Fixed a denial of service issue in az6027 driver in drivers/media/usb/dev-usb/az6027.c (bsc#1209291).

The following non-security bugs were fixed:

[infiniband] READ is "data destination", not source... (git-fixes)
[xen] fix "direction" argument of iov_iter_kvec() (git-fixes).
acpi/x86: Add support for LPS0 callback handler (git-fixes).
acpi: Do not build ACPICA with '-Os' (git-fixes).
acpi: NFIT: fix a potential deadlock during NFIT teardown (git-fixes).
acpi: PM: s2idle: Add support for upcoming AMD uPEP HID AMDI008 (bsc#1206224).
acpi: PM: s2idle: Use LPS0 idle if ACPI_FADT_LOW_POWER_S0 is unset (bsc#1206224).
acpi: battery: Fix missing NUL-termination with large strings (git-fixes).
acpi: resource: Add helper function acpi_dev_get_memory_resources() (git-fixes).
acpi: video: Fix Lenovo Ideapad Z570 DMI match (git-fixes).
acpi: x86: s2idle: Add a quirk for ASUS ROG Zephyrus G14 (bsc#1206224).
acpi: x86: s2idle: Add a quirk for ASUS TUF Gaming A17 FA707RE (bsc#1206224).
acpi: x86: s2idle: Add a quirk for ASUSTeK COMPUTER INC. ROG Flow X13 (bsc#1206224).
acpi: x86: s2idle: Add a quirk for Lenovo Slim 7 Pro 14ARH7 (bsc#1206224).
acpi: x86: s2idle: Add another ID to s2idle_dmi_table (bsc#1206224).
acpi: x86: s2idle: Add module parameter to prefer Microsoft GUID (bsc#1206224).
acpi: x86: s2idle: Fix a NULL pointer dereference (bsc#1206224).
acpi: x86: s2idle: Force AMD GUID/_REV 2 on HP Elitebook 865 (bsc#1206224).
acpi: x86: s2idle: If a new AMD _HID is missing assume Rembrandt (bsc#1206224).
acpi: x86: s2idle: Move _HID handling for AMD systems into structures (bsc#1206224).
acpi: x86: s2idle: Stop using AMD specific codepath for Rembrandt+ (bsc#1206224).
acpica: Drop port I/O validation for some regions (git-fixes).
acpica: nsrepair: handle cases without a return value correctly (git-fixes).
add cherry-picked id for nouveau patch
alsa: emux: Avoid potential array out-of-bound in snd_emux_xg_control() (git-fixes).
alsa: hda/ca0132: minor fix for allocation size (git-fixes).
alsa: hda/conexant: add a new hda codec SN6180 (git-fixes).
alsa: hda/realtek - fixed wrong gpio assigned (git-fixes).
alsa: hda/realtek: Add Positivo N14KP6-TG (git-fixes).
alsa: hda/realtek: Add quirk for ASUS UM3402 using CS35L41 (git-fixes).
alsa: hda/realtek: Add quirk for HP EliteDesk 800 G6 Tower PC (git-fixes).
alsa: hda/realtek: Enable mute/micmute LEDs on HP Elitebook, 645 G9 (git-fixes).
alsa: hda/realtek: Fix the speaker output on Samsung Galaxy Book2 Pro 360 (git-fixes).
alsa: hda/realtek: fix mute/micmute LEDs do not work for a HP platform (git-fixes).
alsa: hda: Do not unset preset when cleaning up codec (git-fixes).
alsa: hda: Match only Intel devices with CONTROLLER_IN_GPU() (git-fixes).
alsa: ice1712: Delete unreachable code in aureon_add_controls() (git-fixes).
alsa: ice1712: Do not left ice->gpio_mutex