Security update for the Linux Kernel SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2023:3309-1 Final 1 1 2023-09-08T15:41:47Z current 2023-09-08T15:41:47Z 2023-09-08T15:41:47Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-20593: Fixed a ZenBleed issue in 'Zen 2' CPUs that could allow an attacker to potentially access sensitive information (bsc#1213286). - CVE-2023-2985: Fixed an use-after-free vulnerability in hfsplus_put_super in fs/hfsplus/super.c that could allow a local user to cause a denial of service (bsc#1211867). - CVE-2023-35001: Fixed an out-of-bounds memory access flaw in nft_byteorder that could allow a local attacker to escalate their privilege (bsc#1213059). - CVE-2022-40982: A transient execution attack called 'Gather Data Sampling' affecting is mitigated, together with respective Intel CPU Microcode updates (bsc#1206418, CVE-2022-40982). - CVE-2023-0459: Fixed that copy_from_user on 64-bit versions of the Linux kernel did not implement the __uaccess_begin_nospec allowing a user to bypass the 'access_ok' check which could be used to leak information (bsc#1211738). - CVE-2023-20569: A side channel attack known as ‘Inception’ or ‘RAS Poisoning’ may allow an attacker to influence branch prediction, potentially leading to information disclosure. (bsc#1213287). - CVE-2023-3567: A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen. This flaw allowed an attacker with local user access to cause a system crash or leak internal kernel information (bsc#1213167bsc#1213842). - CVE-2023-3609: A use-after-free vulnerability was fixed in net/sched: cls_u32 component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability. (bsc#1213586). - CVE-2023-3611: An out-of-bounds write vulnerability was fixed in net/sched: sch_qfq component can be exploited to achieve local privilege escalation. The qfq_change_agg() function in net/sched/sch_qfq.c allowed an out-of-bounds write because lmax is updated according to packet sizes without bounds checks. (bsc#1213585). - CVE-2023-3776: A use-after-free vulnerability was fixed in net/sched: cls_fw component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, fw_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability. (bsc#1213588). The following non-security bugs were fixed: - Fix double fget() in vhost_net_set_backend() (git-fixes). - NFSv4.1: Always send a RECLAIM_COMPLETE after establishing lease (git-fixes). - SUNRPC: Fix UAF in svc_tcp_listen_data_ready() (git-fixes). - SUNRPC: remove the maximum number of retries in call_bind_status (git-fixes). - block: Fix a source code comment in include/uapi/linux/blkzoned.h (git-fixes). - livepatch: check kzalloc return values (git-fixes). - media: videodev2.h: Fix struct v4l2_input tuner index comment (git-fixes). - net/sched: sch_qfq: refactor parsing of netlink parameters (bsc#1213585). - net: skip virtio_net_hdr_set_proto if protocol already set (git-fixes). - net: virtio_net_hdr_to_skb: count transport header in UFO (git-fixes). - nfsd: fix double fget() bug in __write_ports_addfd() (git-fixes). - powerpc/64: Update Speculation_Store_Bypass in /proc/<pid>/status (bsc#1188885 ltc#193722 git-fixes). - powerpc/security: Fix Speculation_Store_Bypass reporting on Power10 (bsc#1188885 ltc#193722 git-fixes). - rpm/check-for-config-changes: ignore also RISCV_ISA_* and DYNAMIC_SIGFRAME They depend on CONFIG_TOOLCHAIN_HAS_*. - s390/cio: add dev_busid sysfs entry for each subchannel (bsc#1207526). - s390/cio: check the subchannel validity for dev_busid (bsc#1207526). - s390/cio: introduce io_subchannel_type (bsc#1207526). - s390/cpum_sf: Adjust sampling interval to avoid hitting sample limits (git-fixes bsc#1213827). - s390/maccess: add no DAT mode to kernel_write (git-fixes bsc#1213825). - s390/numa: move initial setup of node_to_cpumask_map (git-fixes bsc#1213766). - scsi: qla2xxx: Adjust IOCB resource on qpair create (bsc#1213747). - scsi: qla2xxx: Array index may go out of bound (bsc#1213747). - scsi: qla2xxx: Avoid fcport pointer dereference (bsc#1213747). - scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport() (bsc#1213747). - scsi: qla2xxx: Correct the index of array (bsc#1213747). - scsi: qla2xxx: Drop useless LIST_HEAD (bsc#1213747). - scsi: qla2xxx: Fix NULL pointer dereference in target mode (bsc#1213747). - scsi: qla2xxx: Fix TMF leak through (bsc#1213747). - scsi: qla2xxx: Fix buffer overrun (bsc#1213747). - scsi: qla2xxx: Fix command flush during TMF (bsc#1213747). - scsi: qla2xxx: Fix deletion race condition (bsc#1213747). - scsi: qla2xxx: Fix end of loop test (bsc#1213747). - scsi: qla2xxx: Fix erroneous link up failure (bsc#1213747). - scsi: qla2xxx: Fix error code in qla2x00_start_sp() (bsc#1213747). - scsi: qla2xxx: Fix potential NULL pointer dereference (bsc#1213747). - scsi: qla2xxx: Fix session hang in gnl (bsc#1213747). - scsi: qla2xxx: Limit TMF to 8 per function (bsc#1213747). - scsi: qla2xxx: Pointer may be dereferenced (bsc#1213747). - scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue (bsc#1213747). - scsi: qla2xxx: Silence a static checker warning (bsc#1213747). - scsi: qla2xxx: Turn off noisy message log (bsc#1213747). - scsi: qla2xxx: Update version to 10.02.08.400-k (bsc#1213747). - scsi: qla2xxx: Update version to 10.02.08.500-k (bsc#1213747). - scsi: qla2xxx: fix inconsistent TMF timeout (bsc#1213747). - svcrdma: Prevent page release when nothing was received (git-fixes). - vfio-ccw: Prevent quiesce function going into an infinite loop (git-fixes bsc#1213819). - vfio-ccw: Release any channel program when releasing/removing vfio-ccw mdev (git-fixes bsc#1213823). - vhost/test: fix build for vhost test (git-fixes). - vhost/vsock: Use kvmalloc/kvfree for larger packets (git-fixes). - vhost/vsock: do not check owner in vhost_vsock_stop() while releasing (git-fixes). - vhost/vsock: fix incorrect used length reported to the guest (git-fixes). - vhost/vsock: fix packet delivery order to monitoring devices (git-fixes). - vhost/vsock: split packets to send using multiple buffers (git-fixes). - vhost: Fix the calculation in vhost_overflow() (git-fixes). - vhost_net: disable zerocopy by default (git-fixes). - vhost_net: fix OoB on sendmsg() failure (git-fixes). - virtio-balloon: fix managed page counts when migrating pages between zones (git-fixes). - virtio-mmio: fix missing put_device() when vm_cmdline_parent registration failed (git-fixes). - virtio-net: Keep stop() to follow mirror sequence of open() (git-fixes). - virtio-pci: Remove wrong address verification in vp_del_vqs() (git-fixes). - virtio: Improve vq->broken access to avoid any compiler optimization (git-fixes). - virtio_net: Fix error handling in virtnet_restore() (git-fixes). - virtio_net: bugfix overflow inside xdp_linearize_page() (git-fixes). - virtio_net: fix xdp_rxq_info bug after suspend/resume (git-fixes). - virtio_ring: Fix querying of maximum DMA mapping size for virtio device (git-fixes). - vringh: Use wiov->used to check for read/write desc order (git-fixes). - vringh: fix __vringh_iov() when riov and wiov are different (git-fixes). - vsock/virtio: stop workers during the .remove() (git-fixes). - vsock/virtio: use RCU to avoid use-after-free on the_virtio_vsock (git-fixes). - xen/blkfront: Only check REQ_FUA for writes (git-fixes). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Image SLES12-SP5-Azure-BYOS-2023-3309,Image SLES12-SP5-Azure-HPC-BYOS-2023-3309,Image SLES12-SP5-Azure-SAP-BYOS-2023-3309,Image SLES12-SP5-Azure-SAP-On-Demand-2023-3309,Image SLES12-SP5-EC2-BYOS-2023-3309,Image SLES12-SP5-EC2-ECS-On-Demand-2023-3309,Image SLES12-SP5-EC2-On-Demand-2023-3309,Image SLES12-SP5-EC2-SAP-BYOS-2023-3309,Image SLES12-SP5-EC2-SAP-On-Demand-2023-3309,Image SLES12-SP5-GCE-BYOS-2023-3309,Image SLES12-SP5-GCE-On-Demand-2023-3309,Image SLES12-SP5-GCE-SAP-BYOS-2023-3309,Image SLES12-SP5-GCE-SAP-On-Demand-2023-3309,Image SLES12-SP5-SAP-Azure-LI-BYOS-Production-2023-3309,Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production-2023-3309,SUSE-2023-3309,SUSE-SLE-HA-12-SP5-2023-3309,SUSE-SLE-Live-Patching-12-SP5-2023-3309,SUSE-SLE-SDK-12-SP5-2023-3309,SUSE-SLE-SERVER-12-SP5-2023-3309,SUSE-SLE-WE-12-SP5-2023-3309 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2023/suse-su-20233309-1/ Link for SUSE-SU-2023:3309-1 https://lists.suse.com/pipermail/sle-security-updates/2023-August/015902.html E-Mail link for SUSE-SU-2023:3309-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1188885 SUSE Bug 1188885 https://bugzilla.suse.com/1202670 SUSE Bug 1202670 https://bugzilla.suse.com/1206418 SUSE Bug 1206418 https://bugzilla.suse.com/1207526 SUSE Bug 1207526 https://bugzilla.suse.com/1207528 SUSE Bug 1207528 https://bugzilla.suse.com/1211738 SUSE Bug 1211738 https://bugzilla.suse.com/1211867 SUSE Bug 1211867 https://bugzilla.suse.com/1212266 SUSE Bug 1212266 https://bugzilla.suse.com/1213059 SUSE Bug 1213059 https://bugzilla.suse.com/1213167 SUSE Bug 1213167 https://bugzilla.suse.com/1213286 SUSE Bug 1213286 https://bugzilla.suse.com/1213287 SUSE Bug 1213287 https://bugzilla.suse.com/1213350 SUSE Bug 1213350 https://bugzilla.suse.com/1213585 SUSE Bug 1213585 https://bugzilla.suse.com/1213586 SUSE Bug 1213586 https://bugzilla.suse.com/1213588 SUSE Bug 1213588 https://bugzilla.suse.com/1213705 SUSE Bug 1213705 https://bugzilla.suse.com/1213747 SUSE Bug 1213747 https://bugzilla.suse.com/1213766 SUSE Bug 1213766 https://bugzilla.suse.com/1213819 SUSE Bug 1213819 https://bugzilla.suse.com/1213823 SUSE Bug 1213823 https://bugzilla.suse.com/1213825 SUSE Bug 1213825 https://bugzilla.suse.com/1213827 SUSE Bug 1213827 https://bugzilla.suse.com/1213842 SUSE Bug 1213842 https://bugzilla.suse.com/962880 SUSE Bug 962880 https://www.suse.com/security/cve/CVE-2022-40982/ SUSE CVE CVE-2022-40982 page https://www.suse.com/security/cve/CVE-2023-0459/ SUSE CVE CVE-2023-0459 page https://www.suse.com/security/cve/CVE-2023-20569/ SUSE CVE CVE-2023-20569 page https://www.suse.com/security/cve/CVE-2023-20593/ SUSE CVE CVE-2023-20593 page https://www.suse.com/security/cve/CVE-2023-2985/ SUSE CVE CVE-2023-2985 page https://www.suse.com/security/cve/CVE-2023-35001/ SUSE CVE CVE-2023-35001 page https://www.suse.com/security/cve/CVE-2023-3567/ SUSE CVE CVE-2023-3567 page https://www.suse.com/security/cve/CVE-2023-3609/ SUSE CVE CVE-2023-3609 page https://www.suse.com/security/cve/CVE-2023-3611/ SUSE CVE CVE-2023-3611 page https://www.suse.com/security/cve/CVE-2023-3776/ SUSE CVE CVE-2023-3776 page Image SLES12-SP5-Azure-BYOS Image SLES12-SP5-Azure-HPC-BYOS Image SLES12-SP5-Azure-SAP-BYOS Image SLES12-SP5-Azure-SAP-On-Demand Image SLES12-SP5-EC2-BYOS Image SLES12-SP5-EC2-ECS-On-Demand Image SLES12-SP5-EC2-On-Demand Image SLES12-SP5-EC2-SAP-BYOS Image SLES12-SP5-EC2-SAP-On-Demand Image SLES12-SP5-GCE-BYOS Image SLES12-SP5-GCE-On-Demand Image SLES12-SP5-GCE-SAP-BYOS Image SLES12-SP5-GCE-SAP-On-Demand Image SLES12-SP5-SAP-Azure-LI-BYOS-Production Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production SUSE Linux Enterprise High Availability Extension 12 SP5 SUSE Linux Enterprise Live Patching 12 SP5 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Software Development Kit 12 SP5 SUSE Linux Enterprise Workstation Extension 12 SP5 kernel-default-4.12.14-122.173.1 cluster-md-kmp-default-4.12.14-122.173.1 dlm-kmp-default-4.12.14-122.173.1 gfs2-kmp-default-4.12.14-122.173.1 ocfs2-kmp-default-4.12.14-122.173.1 kernel-debug-4.12.14-122.173.1 kernel-debug-base-4.12.14-122.173.1 kernel-debug-devel-4.12.14-122.173.1 kernel-debug-kgraft-devel-4.12.14-122.173.1 kernel-default-base-4.12.14-122.173.1 kernel-default-devel-4.12.14-122.173.1 kernel-default-extra-4.12.14-122.173.1 kernel-default-kgraft-4.12.14-122.173.1 kernel-default-kgraft-devel-4.12.14-122.173.1 kernel-default-man-4.12.14-122.173.1 kernel-devel-4.12.14-122.173.1 kernel-docs-4.12.14-122.173.1 kernel-docs-html-4.12.14-122.173.1 kernel-kvmsmall-4.12.14-122.173.1 kernel-kvmsmall-base-4.12.14-122.173.1 kernel-kvmsmall-devel-4.12.14-122.173.1 kernel-kvmsmall-kgraft-devel-4.12.14-122.173.1 kernel-macros-4.12.14-122.173.1 kernel-obs-build-4.12.14-122.173.1 kernel-obs-qa-4.12.14-122.173.1 kernel-source-4.12.14-122.173.1 kernel-source-vanilla-4.12.14-122.173.1 kernel-syms-4.12.14-122.173.1 kernel-vanilla-4.12.14-122.173.1 kernel-vanilla-base-4.12.14-122.173.1 kernel-vanilla-devel-4.12.14-122.173.1 kernel-vanilla-kgraft-devel-4.12.14-122.173.1 kernel-zfcpdump-4.12.14-122.173.1 kernel-zfcpdump-man-4.12.14-122.173.1 kgraft-patch-4_12_14-122_173-default-1-8.3.3 kselftests-kmp-default-4.12.14-122.173.1 kernel-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-Azure-BYOS kernel-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-Azure-HPC-BYOS cluster-md-kmp-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-Azure-SAP-BYOS dlm-kmp-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-Azure-SAP-BYOS gfs2-kmp-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-Azure-SAP-BYOS kernel-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-Azure-SAP-BYOS ocfs2-kmp-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-Azure-SAP-BYOS cluster-md-kmp-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-Azure-SAP-On-Demand dlm-kmp-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-Azure-SAP-On-Demand gfs2-kmp-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-Azure-SAP-On-Demand kernel-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-Azure-SAP-On-Demand ocfs2-kmp-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-Azure-SAP-On-Demand kernel-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-EC2-BYOS kernel-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-EC2-ECS-On-Demand kernel-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-EC2-On-Demand cluster-md-kmp-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-EC2-SAP-BYOS dlm-kmp-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-EC2-SAP-BYOS gfs2-kmp-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-EC2-SAP-BYOS kernel-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-EC2-SAP-BYOS ocfs2-kmp-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-EC2-SAP-BYOS cluster-md-kmp-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-EC2-SAP-On-Demand dlm-kmp-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-EC2-SAP-On-Demand gfs2-kmp-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-EC2-SAP-On-Demand kernel-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-EC2-SAP-On-Demand ocfs2-kmp-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-EC2-SAP-On-Demand kernel-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-GCE-BYOS kernel-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-GCE-On-Demand cluster-md-kmp-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-GCE-SAP-BYOS dlm-kmp-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-GCE-SAP-BYOS gfs2-kmp-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-GCE-SAP-BYOS kernel-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-GCE-SAP-BYOS ocfs2-kmp-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-GCE-SAP-BYOS cluster-md-kmp-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-GCE-SAP-On-Demand dlm-kmp-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-GCE-SAP-On-Demand gfs2-kmp-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-GCE-SAP-On-Demand kernel-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-GCE-SAP-On-Demand ocfs2-kmp-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-GCE-SAP-On-Demand cluster-md-kmp-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-SAP-Azure-LI-BYOS-Production dlm-kmp-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-SAP-Azure-LI-BYOS-Production gfs2-kmp-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-SAP-Azure-LI-BYOS-Production kernel-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-SAP-Azure-LI-BYOS-Production ocfs2-kmp-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-SAP-Azure-LI-BYOS-Production cluster-md-kmp-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production dlm-kmp-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production gfs2-kmp-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production kernel-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production ocfs2-kmp-default-4.12.14-122.173.1 as a component of Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production cluster-md-kmp-default-4.12.14-122.173.1 as a component of SUSE Linux Enterprise High Availability Extension 12 SP5 dlm-kmp-default-4.12.14-122.173.1 as a component of SUSE Linux Enterprise High Availability Extension 12 SP5 gfs2-kmp-default-4.12.14-122.173.1 as a component of SUSE Linux Enterprise High Availability Extension 12 SP5 ocfs2-kmp-default-4.12.14-122.173.1 as a component of SUSE Linux Enterprise High Availability Extension 12 SP5 kernel-default-kgraft-4.12.14-122.173.1 as a component of SUSE Linux Enterprise Live Patching 12 SP5 kernel-default-kgraft-devel-4.12.14-122.173.1 as a component of SUSE Linux Enterprise Live Patching 12 SP5 kgraft-patch-4_12_14-122_173-default-1-8.3.3 as a component of SUSE Linux Enterprise Live Patching 12 SP5 kernel-default-4.12.14-122.173.1 as a component of SUSE Linux Enterprise Server 12 SP5 kernel-default-base-4.12.14-122.173.1 as a component of SUSE Linux Enterprise Server 12 SP5 kernel-default-devel-4.12.14-122.173.1 as a component of SUSE Linux Enterprise Server 12 SP5 kernel-default-man-4.12.14-122.173.1 as a component of SUSE Linux Enterprise Server 12 SP5 kernel-devel-4.12.14-122.173.1 as a component of SUSE Linux Enterprise Server 12 SP5 kernel-macros-4.12.14-122.173.1 as a component of SUSE Linux Enterprise Server 12 SP5 kernel-source-4.12.14-122.173.1 as a component of SUSE Linux Enterprise Server 12 SP5 kernel-syms-4.12.14-122.173.1 as a component of SUSE Linux Enterprise Server 12 SP5 kernel-default-4.12.14-122.173.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 kernel-default-base-4.12.14-122.173.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 kernel-default-devel-4.12.14-122.173.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 kernel-default-man-4.12.14-122.173.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 kernel-devel-4.12.14-122.173.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 kernel-macros-4.12.14-122.173.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 kernel-source-4.12.14-122.173.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 kernel-syms-4.12.14-122.173.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 kernel-docs-4.12.14-122.173.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP5 kernel-obs-build-4.12.14-122.173.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP5 kernel-default-extra-4.12.14-122.173.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP5 Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. CVE-2022-40982 Image SLES12-SP5-Azure-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-HPC-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-ECS-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:ocfs2-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.173.1 SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.173.1 SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_173-default-1-8.3.3 SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.173.1 SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.173.1 SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.173.1 SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.173.1 moderate 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20233309-1/ https://www.suse.com/security/cve/CVE-2022-40982.html CVE-2022-40982 https://bugzilla.suse.com/1206418 SUSE Bug 1206418 https://bugzilla.suse.com/1215674 SUSE Bug 1215674 Copy_from_user on 64-bit versions of the Linux kernel does not implement the __uaccess_begin_nospec allowing a user to bypass the "access_ok" check and pass a kernel pointer to copy_from_user(). This would allow an attacker to leak information. We recommend upgrading beyond commit 74e19ef0ff8061ef55957c3abd71614ef0f42f47 CVE-2023-0459 Image SLES12-SP5-Azure-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-HPC-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-ECS-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:ocfs2-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.173.1 SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.173.1 SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_173-default-1-8.3.3 SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.173.1 SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.173.1 SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.173.1 SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.173.1 moderate 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20233309-1/ https://www.suse.com/security/cve/CVE-2023-0459.html CVE-2023-0459 https://bugzilla.suse.com/1211738 SUSE Bug 1211738 https://bugzilla.suse.com/1215674 SUSE Bug 1215674 A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. CVE-2023-20569 Image SLES12-SP5-Azure-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-HPC-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-ECS-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:ocfs2-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.173.1 SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.173.1 SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_173-default-1-8.3.3 SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.173.1 SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.173.1 SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.173.1 SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.173.1 moderate 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20233309-1/ https://www.suse.com/security/cve/CVE-2023-20569.html CVE-2023-20569 https://bugzilla.suse.com/1213287 SUSE Bug 1213287 An issue in "Zen 2" CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information. CVE-2023-20593 Image SLES12-SP5-Azure-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-HPC-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-ECS-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:ocfs2-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.173.1 SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.173.1 SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_173-default-1-8.3.3 SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.173.1 SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.173.1 SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.173.1 SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.173.1 moderate 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20233309-1/ https://www.suse.com/security/cve/CVE-2023-20593.html CVE-2023-20593 https://bugzilla.suse.com/1213286 SUSE Bug 1213286 https://bugzilla.suse.com/1213616 SUSE Bug 1213616 https://bugzilla.suse.com/1215674 SUSE Bug 1215674 A use after free flaw was found in hfsplus_put_super in fs/hfsplus/super.c in the Linux Kernel. This flaw could allow a local user to cause a denial of service problem. CVE-2023-2985 Image SLES12-SP5-Azure-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-HPC-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-ECS-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:ocfs2-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.173.1 SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.173.1 SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_173-default-1-8.3.3 SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.173.1 SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.173.1 SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.173.1 SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.173.1 moderate 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20233309-1/ https://www.suse.com/security/cve/CVE-2023-2985.html CVE-2023-2985 https://bugzilla.suse.com/1211867 SUSE Bug 1211867 Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace CVE-2023-35001 Image SLES12-SP5-Azure-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-HPC-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-ECS-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:ocfs2-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.173.1 SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.173.1 SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_173-default-1-8.3.3 SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.173.1 SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.173.1 SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.173.1 SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.173.1 important 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20233309-1/ https://www.suse.com/security/cve/CVE-2023-35001.html CVE-2023-35001 https://bugzilla.suse.com/1213059 SUSE Bug 1213059 https://bugzilla.suse.com/1213063 SUSE Bug 1213063 https://bugzilla.suse.com/1217531 SUSE Bug 1217531 A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information. CVE-2023-3567 Image SLES12-SP5-Azure-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-HPC-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-ECS-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:ocfs2-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.173.1 SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.173.1 SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_173-default-1-8.3.3 SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.173.1 SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.173.1 SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.173.1 SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.173.1 important 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20233309-1/ https://www.suse.com/security/cve/CVE-2023-3567.html CVE-2023-3567 https://bugzilla.suse.com/1213167 SUSE Bug 1213167 https://bugzilla.suse.com/1213244 SUSE Bug 1213244 https://bugzilla.suse.com/1213842 SUSE Bug 1213842 https://bugzilla.suse.com/1215674 SUSE Bug 1215674 https://bugzilla.suse.com/1217444 SUSE Bug 1217444 https://bugzilla.suse.com/1217531 SUSE Bug 1217531 A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability. We recommend upgrading past commit 04c55383fa5689357bcdd2c8036725a55ed632bc. CVE-2023-3609 Image SLES12-SP5-Azure-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-HPC-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-ECS-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:ocfs2-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.173.1 SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.173.1 SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_173-default-1-8.3.3 SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.173.1 SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.173.1 SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.173.1 SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.173.1 moderate 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20233309-1/ https://www.suse.com/security/cve/CVE-2023-3609.html CVE-2023-3609 https://bugzilla.suse.com/1213586 SUSE Bug 1213586 https://bugzilla.suse.com/1213587 SUSE Bug 1213587 https://bugzilla.suse.com/1217444 SUSE Bug 1217444 https://bugzilla.suse.com/1217531 SUSE Bug 1217531 An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. The qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks. We recommend upgrading past commit 3e337087c3b5805fe0b8a46ba622a962880b5d64. CVE-2023-3611 Image SLES12-SP5-Azure-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-HPC-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-ECS-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:ocfs2-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.173.1 SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.173.1 SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_173-default-1-8.3.3 SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.173.1 SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.173.1 SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.173.1 SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.173.1 moderate 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20233309-1/ https://www.suse.com/security/cve/CVE-2023-3611.html CVE-2023-3611 https://bugzilla.suse.com/1213585 SUSE Bug 1213585 https://bugzilla.suse.com/1223091 SUSE Bug 1223091 https://bugzilla.suse.com/1223973 SUSE Bug 1223973 A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, fw_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability. We recommend upgrading past commit 0323bce598eea038714f941ce2b22541c46d488f. CVE-2023-3776 Image SLES12-SP5-Azure-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-HPC-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-BYOS:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-Azure-SAP-On-Demand:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-ECS-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-BYOS:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-EC2-SAP-On-Demand:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-BYOS:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-GCE-SAP-On-Demand:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:ocfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:cluster-md-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:dlm-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:gfs2-kmp-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:kernel-default-4.12.14-122.173.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:ocfs2-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.173.1 SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.173.1 SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.173.1 SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_173-default-1-8.3.3 SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.173.1 SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.173.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.173.1 SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.173.1 SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.173.1 SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.173.1 moderate 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20233309-1/ https://www.suse.com/security/cve/CVE-2023-3776.html CVE-2023-3776 https://bugzilla.suse.com/1213588 SUSE Bug 1213588 https://bugzilla.suse.com/1215119 SUSE Bug 1215119 https://bugzilla.suse.com/1215674 SUSE Bug 1215674 https://bugzilla.suse.com/1217444 SUSE Bug 1217444 https://bugzilla.suse.com/1217531 SUSE Bug 1217531 https://bugzilla.suse.com/1221578 SUSE Bug 1221578 https://bugzilla.suse.com/1221598 SUSE Bug 1221598 https://bugzilla.suse.com/1223091 SUSE Bug 1223091 https://bugzilla.suse.com/1223973 SUSE Bug 1223973