Security update for the Linux Kernel

Announcement ID:	SUSE-SU-2023:2146-1
Rating:	important
References:	bsc#1202353 bsc#1205128 bsc#1206992 bsc#1209613 bsc#1209687 bsc#1209777 bsc#1209871 bsc#1210202 bsc#1210203 bsc#1210301 bsc#1210329 bsc#1210336 bsc#1210337 bsc#1210414 bsc#1210417 bsc#1210453 bsc#1210469 bsc#1210506 bsc#1210629 bsc#1210647
Cross-References:	CVE-2020-36691 CVE-2022-2196 CVE-2022-43945 CVE-2023-1611 CVE-2023-1670 CVE-2023-1838 CVE-2023-1855 CVE-2023-1872 CVE-2023-1989 CVE-2023-1990 CVE-2023-1998 CVE-2023-2008 CVE-2023-2162 CVE-2023-2176 CVE-2023-30772
CVSS scores:	CVE-2020-36691 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2020-36691 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-2196 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2022-2196 ( NVD ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L CVE-2022-43945 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2022-43945 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2023-1611 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-1611 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2023-1670 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H CVE-2023-1670 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-1838 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-1838 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2023-1855 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2023-1855 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2023-1872 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-1872 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-1989 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-1989 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-1990 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-1990 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-1998 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N CVE-2023-1998 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N CVE-2023-2008 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2023-2008 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-2162 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-2162 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2023-2176 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-2176 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-30772 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2023-30772 ( NVD ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:	SUSE Enterprise Storage 7 SUSE Linux Enterprise High Availability Extension 15 SP2 SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 SUSE Linux Enterprise Live Patching 15-SP2 SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server 15 SP2 Business Critical Linux 15-SP2 SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Manager Proxy 4.1 SUSE Manager Retail Branch Server 4.1 SUSE Manager Server 4.1

An update that solves 15 vulnerabilities and has five security fixes can now be installed.

Description:

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

• CVE-2023-1872:Fixed a use after free vulnerability in the io_uring subsystem, which could lead to local privilege escalation (bsc#1210414).
• CVE-2022-2196: Fixed a regression related to KVM that allowed for speculative execution attacks (bsc#1206992).
• CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).
• CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).
• CVE-2023-2176: A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege (bsc#1210629).
• CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).
• CVE-2023-30772: Fixed a race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).
• CVE-2023-2008: A flaw was found in the fault handler of the udmabuf device driver. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code (bsc#1210453).
• CVE-2023-1855: Fixed a use after free in xgene_hwmon_remove (bsc#1210202).
• CVE-2020-36691: Fixed a denial of service (unbounded recursion) vulnerability via a nested Netlink policy with a back reference (bsc#1209613 bsc#1209777).
• CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).
• CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).
• CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).
• CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot (bsc#1209687).
• CVE-2023-1838: Fixed an use-after-free flaw in virtio network subcomponent. This flaw could allow a local attacker to crash the system and lead to a kernel information leak problem. (bsc#1210203).

The following non-security bugs were fixed:

• Drivers: vmbus: Check for channel allocation before looking up relids (git-fixes).
• Replace mkinitrd dependency with dracut (bsc#1202353).
• cifs: fix negotiate context parsing (bsc#1210301).

Special Instructions and Notes:

• Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise Live Patching 15-SP2
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2023-2146=1
• SUSE Linux Enterprise High Availability Extension 15 SP2
  zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2023-2146=1
• SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-2146=1
• SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-2146=1
• SUSE Linux Enterprise Server for SAP Applications 15 SP2
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2023-2146=1
• SUSE Enterprise Storage 7
  zypper in -t patch SUSE-Storage-7-2023-2146=1

Package List:

• SUSE Linux Enterprise Live Patching 15-SP2 (nosrc)
  • kernel-default-5.3.18-150200.24.151.1
• SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64)
  • kernel-default-livepatch-5.3.18-150200.24.151.1
  • kernel-default-livepatch-devel-5.3.18-150200.24.151.1
  • kernel-livepatch-5_3_18-150200_24_151-default-debuginfo-1-150200.5.3.1
  • kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1
  • kernel-default-debugsource-5.3.18-150200.24.151.1
  • kernel-livepatch-SLE15-SP2_Update_36-debugsource-1-150200.5.3.1
  • kernel-default-debuginfo-5.3.18-150200.24.151.1
• SUSE Linux Enterprise High Availability Extension 15 SP2 (aarch64 ppc64le s390x x86_64)
  • dlm-kmp-default-debuginfo-5.3.18-150200.24.151.1
  • ocfs2-kmp-default-5.3.18-150200.24.151.1
  • gfs2-kmp-default-5.3.18-150200.24.151.1
  • kernel-default-debuginfo-5.3.18-150200.24.151.1
  • ocfs2-kmp-default-debuginfo-5.3.18-150200.24.151.1
  • kernel-default-debugsource-5.3.18-150200.24.151.1
  • cluster-md-kmp-default-debuginfo-5.3.18-150200.24.151.1
  • gfs2-kmp-default-debuginfo-5.3.18-150200.24.151.1
  • dlm-kmp-default-5.3.18-150200.24.151.1
  • cluster-md-kmp-default-5.3.18-150200.24.151.1
• SUSE Linux Enterprise High Availability Extension 15 SP2 (nosrc)
  • kernel-default-5.3.18-150200.24.151.1
• SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 nosrc x86_64)
  • kernel-default-5.3.18-150200.24.151.1
  • kernel-preempt-5.3.18-150200.24.151.1
• SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64)
  • kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1
  • kernel-default-devel-5.3.18-150200.24.151.1
  • kernel-obs-build-debugsource-5.3.18-150200.24.151.1
  • kernel-preempt-devel-5.3.18-150200.24.151.1
  • kernel-preempt-debuginfo-5.3.18-150200.24.151.1
  • kernel-preempt-debugsource-5.3.18-150200.24.151.1
  • kernel-obs-build-5.3.18-150200.24.151.1
  • kernel-syms-5.3.18-150200.24.151.1
  • kernel-default-debugsource-5.3.18-150200.24.151.1
  • kernel-default-devel-debuginfo-5.3.18-150200.24.151.1
  • kernel-preempt-devel-debuginfo-5.3.18-150200.24.151.1
  • kernel-default-debuginfo-5.3.18-150200.24.151.1
• SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch)
  • kernel-devel-5.3.18-150200.24.151.1
  • kernel-macros-5.3.18-150200.24.151.1
  • kernel-source-5.3.18-150200.24.151.1
• SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch nosrc)
  • kernel-docs-5.3.18-150200.24.151.1
• SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64 nosrc)
  • kernel-default-5.3.18-150200.24.151.1
• SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64)
  • kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1
  • kernel-default-devel-5.3.18-150200.24.151.1
  • kernel-obs-build-debugsource-5.3.18-150200.24.151.1
  • reiserfs-kmp-default-5.3.18-150200.24.151.1
  • kernel-obs-build-5.3.18-150200.24.151.1
  • kernel-syms-5.3.18-150200.24.151.1
  • kernel-default-debugsource-5.3.18-150200.24.151.1
  • kernel-default-devel-debuginfo-5.3.18-150200.24.151.1
  • reiserfs-kmp-default-debuginfo-5.3.18-150200.24.151.1
  • kernel-default-debuginfo-5.3.18-150200.24.151.1
• SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch)
  • kernel-devel-5.3.18-150200.24.151.1
  • kernel-macros-5.3.18-150200.24.151.1
  • kernel-source-5.3.18-150200.24.151.1
• SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch nosrc)
  • kernel-docs-5.3.18-150200.24.151.1
• SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 nosrc x86_64)
  • kernel-preempt-5.3.18-150200.24.151.1
• SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 x86_64)
  • kernel-preempt-devel-5.3.18-150200.24.151.1
  • kernel-preempt-debugsource-5.3.18-150200.24.151.1
  • kernel-preempt-devel-debuginfo-5.3.18-150200.24.151.1
  • kernel-preempt-debuginfo-5.3.18-150200.24.151.1
• SUSE Linux Enterprise Server for SAP Applications 15 SP2 (nosrc ppc64le x86_64)
  • kernel-default-5.3.18-150200.24.151.1
• SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
  • kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1
  • kernel-default-devel-5.3.18-150200.24.151.1
  • kernel-obs-build-debugsource-5.3.18-150200.24.151.1
  • reiserfs-kmp-default-5.3.18-150200.24.151.1
  • kernel-obs-build-5.3.18-150200.24.151.1
  • kernel-syms-5.3.18-150200.24.151.1
  • kernel-default-debugsource-5.3.18-150200.24.151.1
  • kernel-default-devel-debuginfo-5.3.18-150200.24.151.1
  • reiserfs-kmp-default-debuginfo-5.3.18-150200.24.151.1
  • kernel-default-debuginfo-5.3.18-150200.24.151.1
• SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch)
  • kernel-devel-5.3.18-150200.24.151.1
  • kernel-macros-5.3.18-150200.24.151.1
  • kernel-source-5.3.18-150200.24.151.1
• SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch nosrc)
  • kernel-docs-5.3.18-150200.24.151.1
• SUSE Linux Enterprise Server for SAP Applications 15 SP2 (nosrc x86_64)
  • kernel-preempt-5.3.18-150200.24.151.1
• SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64)
  • kernel-preempt-devel-5.3.18-150200.24.151.1
  • kernel-preempt-debugsource-5.3.18-150200.24.151.1
  • kernel-preempt-devel-debuginfo-5.3.18-150200.24.151.1
  • kernel-preempt-debuginfo-5.3.18-150200.24.151.1
• SUSE Enterprise Storage 7 (aarch64 nosrc x86_64)
  • kernel-default-5.3.18-150200.24.151.1
  • kernel-preempt-5.3.18-150200.24.151.1
• SUSE Enterprise Storage 7 (aarch64 x86_64)
  • kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1
  • kernel-default-devel-5.3.18-150200.24.151.1
  • kernel-obs-build-debugsource-5.3.18-150200.24.151.1
  • kernel-preempt-devel-5.3.18-150200.24.151.1
  • reiserfs-kmp-default-5.3.18-150200.24.151.1
  • kernel-preempt-debuginfo-5.3.18-150200.24.151.1
  • kernel-preempt-debugsource-5.3.18-150200.24.151.1
  • kernel-obs-build-5.3.18-150200.24.151.1
  • kernel-syms-5.3.18-150200.24.151.1
  • kernel-default-debugsource-5.3.18-150200.24.151.1
  • kernel-default-devel-debuginfo-5.3.18-150200.24.151.1
  • kernel-preempt-devel-debuginfo-5.3.18-150200.24.151.1
  • reiserfs-kmp-default-debuginfo-5.3.18-150200.24.151.1
  • kernel-default-debuginfo-5.3.18-150200.24.151.1
• SUSE Enterprise Storage 7 (noarch)
  • kernel-devel-5.3.18-150200.24.151.1
  • kernel-macros-5.3.18-150200.24.151.1
  • kernel-source-5.3.18-150200.24.151.1
• SUSE Enterprise Storage 7 (noarch nosrc)
  • kernel-docs-5.3.18-150200.24.151.1

References:

• https://www.suse.com/security/cve/CVE-2020-36691.html
• https://www.suse.com/security/cve/CVE-2022-2196.html
• https://www.suse.com/security/cve/CVE-2022-43945.html
• https://www.suse.com/security/cve/CVE-2023-1611.html
• https://www.suse.com/security/cve/CVE-2023-1670.html
• https://www.suse.com/security/cve/CVE-2023-1838.html
• https://www.suse.com/security/cve/CVE-2023-1855.html
• https://www.suse.com/security/cve/CVE-2023-1872.html
• https://www.suse.com/security/cve/CVE-2023-1989.html
• https://www.suse.com/security/cve/CVE-2023-1990.html
• https://www.suse.com/security/cve/CVE-2023-1998.html
• https://www.suse.com/security/cve/CVE-2023-2008.html
• https://www.suse.com/security/cve/CVE-2023-2162.html
• https://www.suse.com/security/cve/CVE-2023-2176.html
• https://www.suse.com/security/cve/CVE-2023-30772.html
• https://bugzilla.suse.com/show_bug.cgi?id=1202353
• https://bugzilla.suse.com/show_bug.cgi?id=1205128
• https://bugzilla.suse.com/show_bug.cgi?id=1206992
• https://bugzilla.suse.com/show_bug.cgi?id=1209613
• https://bugzilla.suse.com/show_bug.cgi?id=1209687
• https://bugzilla.suse.com/show_bug.cgi?id=1209777
• https://bugzilla.suse.com/show_bug.cgi?id=1209871
• https://bugzilla.suse.com/show_bug.cgi?id=1210202
• https://bugzilla.suse.com/show_bug.cgi?id=1210203
• https://bugzilla.suse.com/show_bug.cgi?id=1210301
• https://bugzilla.suse.com/show_bug.cgi?id=1210329
• https://bugzilla.suse.com/show_bug.cgi?id=1210336
• https://bugzilla.suse.com/show_bug.cgi?id=1210337
• https://bugzilla.suse.com/show_bug.cgi?id=1210414
• https://bugzilla.suse.com/show_bug.cgi?id=1210417
• https://bugzilla.suse.com/show_bug.cgi?id=1210453
• https://bugzilla.suse.com/show_bug.cgi?id=1210469
• https://bugzilla.suse.com/show_bug.cgi?id=1210506
• https://bugzilla.suse.com/show_bug.cgi?id=1210629
• https://bugzilla.suse.com/show_bug.cgi?id=1210647