Security update for the Linux Kernel SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2023:0852-1 Final 1 1 2023-03-21T12:36:10Z current 2023-03-21T12:36:10Z 2023-03-21T12:36:10Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-4129: Fixed a denial of service with the Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. (bsc#1205711) - CVE-2021-4203: Fixed use-after-free read flaw that was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (bsc#1194535). - CVE-2023-23559: Fixed integer overflow in rndis_wlan that leads to a buffer overflow (bsc#1207051). - CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208700). - CVE-2022-38096: Fixed NULL-ptr deref in vmw_cmd_dx_define_query() (bsc#1203331). - CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver (bsc#1203332). - CVE-2023-0045: Fixed missing Flush IBP in ib_prctl_set (bsc#1207773). - CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795). - CVE-2022-2991: Fixed an heap-based overflow in the lightnvm implemenation (bsc#1201420). The following non-security bugs were fixed: - kabi/severities: add l2tp local symbols The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2023-852,SUSE-OpenStack-Cloud-9-2023-852,SUSE-OpenStack-Cloud-Crowbar-9-2023-852,SUSE-SLE-HA-12-SP4-2023-852,SUSE-SLE-Live-Patching-12-SP4-2023-852,SUSE-SLE-SERVER-12-SP4-ESPOS-2023-852,SUSE-SLE-SERVER-12-SP4-LTSS-2023-852 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2023/suse-su-20230852-1/ Link for SUSE-SU-2023:0852-1 https://lists.suse.com/pipermail/sle-security-updates/2023-March/014114.html E-Mail link for SUSE-SU-2023:0852-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1191881 SUSE Bug 1191881 https://bugzilla.suse.com/1194535 SUSE Bug 1194535 https://bugzilla.suse.com/1201420 SUSE Bug 1201420 https://bugzilla.suse.com/1203331 SUSE Bug 1203331 https://bugzilla.suse.com/1203332 SUSE Bug 1203332 https://bugzilla.suse.com/1205711 SUSE Bug 1205711 https://bugzilla.suse.com/1207051 SUSE Bug 1207051 https://bugzilla.suse.com/1207773 SUSE Bug 1207773 https://bugzilla.suse.com/1207795 SUSE Bug 1207795 https://bugzilla.suse.com/1208700 SUSE Bug 1208700 https://bugzilla.suse.com/1209188 SUSE Bug 1209188 https://www.suse.com/security/cve/CVE-2021-4203/ SUSE CVE CVE-2021-4203 page https://www.suse.com/security/cve/CVE-2022-2991/ SUSE CVE CVE-2022-2991 page https://www.suse.com/security/cve/CVE-2022-36280/ SUSE CVE CVE-2022-36280 page https://www.suse.com/security/cve/CVE-2022-38096/ SUSE CVE CVE-2022-38096 page https://www.suse.com/security/cve/CVE-2022-4129/ SUSE CVE CVE-2022-4129 page https://www.suse.com/security/cve/CVE-2023-0045/ SUSE CVE CVE-2023-0045 page https://www.suse.com/security/cve/CVE-2023-0590/ SUSE CVE CVE-2023-0590 page https://www.suse.com/security/cve/CVE-2023-23559/ SUSE CVE CVE-2023-23559 page https://www.suse.com/security/cve/CVE-2023-26545/ SUSE CVE CVE-2023-26545 page SUSE Linux Enterprise High Availability Extension 12 SP4 SUSE Linux Enterprise Live Patching 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE Linux Enterprise Server 12 SP4-LTSS SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 9 cluster-md-kmp-default-4.12.14-95.120.4 dlm-kmp-default-4.12.14-95.120.4 gfs2-kmp-default-4.12.14-95.120.4 kernel-debug-4.12.14-95.120.4 kernel-debug-base-4.12.14-95.120.4 kernel-debug-devel-4.12.14-95.120.4 kernel-debug-kgraft-devel-4.12.14-95.120.4 kernel-default-4.12.14-95.120.4 kernel-default-base-4.12.14-95.120.4 kernel-default-devel-4.12.14-95.120.4 kernel-default-extra-4.12.14-95.120.4 kernel-default-kgraft-4.12.14-95.120.4 kernel-default-kgraft-devel-4.12.14-95.120.4 kernel-default-man-4.12.14-95.120.4 kernel-devel-4.12.14-95.120.4 kernel-docs-4.12.14-95.120.6 kernel-docs-html-4.12.14-95.120.6 kernel-kvmsmall-4.12.14-95.120.4 kernel-kvmsmall-base-4.12.14-95.120.4 kernel-kvmsmall-devel-4.12.14-95.120.4 kernel-kvmsmall-kgraft-devel-4.12.14-95.120.4 kernel-macros-4.12.14-95.120.4 kernel-obs-build-4.12.14-95.120.4 kernel-obs-qa-4.12.14-95.120.1 kernel-source-4.12.14-95.120.4 kernel-source-vanilla-4.12.14-95.120.4 kernel-syms-4.12.14-95.120.4 kernel-vanilla-4.12.14-95.120.4 kernel-vanilla-base-4.12.14-95.120.4 kernel-vanilla-devel-4.12.14-95.120.4 kernel-vanilla-kgraft-devel-4.12.14-95.120.4 kernel-zfcpdump-4.12.14-95.120.4 kernel-zfcpdump-man-4.12.14-95.120.4 kgraft-patch-4_12_14-95_120-default-1-6.3.4 kselftests-kmp-default-4.12.14-95.120.4 ocfs2-kmp-default-4.12.14-95.120.4 cluster-md-kmp-default-4.12.14-95.120.4 as a component of SUSE Linux Enterprise High Availability Extension 12 SP4 dlm-kmp-default-4.12.14-95.120.4 as a component of SUSE Linux Enterprise High Availability Extension 12 SP4 gfs2-kmp-default-4.12.14-95.120.4 as a component of SUSE Linux Enterprise High Availability Extension 12 SP4 ocfs2-kmp-default-4.12.14-95.120.4 as a component of SUSE Linux Enterprise High Availability Extension 12 SP4 kernel-default-kgraft-4.12.14-95.120.4 as a component of SUSE Linux Enterprise Live Patching 12 SP4 kernel-default-kgraft-devel-4.12.14-95.120.4 as a component of SUSE Linux Enterprise Live Patching 12 SP4 kgraft-patch-4_12_14-95_120-default-1-6.3.4 as a component of SUSE Linux Enterprise Live Patching 12 SP4 kernel-default-4.12.14-95.120.4 as a component of SUSE Linux Enterprise Server 12 SP4-ESPOS kernel-default-base-4.12.14-95.120.4 as a component of SUSE Linux Enterprise Server 12 SP4-ESPOS kernel-default-devel-4.12.14-95.120.4 as a component of SUSE Linux Enterprise Server 12 SP4-ESPOS kernel-devel-4.12.14-95.120.4 as a component of SUSE Linux Enterprise Server 12 SP4-ESPOS kernel-macros-4.12.14-95.120.4 as a component of SUSE Linux Enterprise Server 12 SP4-ESPOS kernel-source-4.12.14-95.120.4 as a component of SUSE Linux Enterprise Server 12 SP4-ESPOS kernel-syms-4.12.14-95.120.4 as a component of SUSE Linux Enterprise Server 12 SP4-ESPOS kernel-default-4.12.14-95.120.4 as a component of SUSE Linux Enterprise Server 12 SP4-LTSS kernel-default-base-4.12.14-95.120.4 as a component of SUSE Linux Enterprise Server 12 SP4-LTSS kernel-default-devel-4.12.14-95.120.4 as a component of SUSE Linux Enterprise Server 12 SP4-LTSS kernel-default-man-4.12.14-95.120.4 as a component of SUSE Linux Enterprise Server 12 SP4-LTSS kernel-devel-4.12.14-95.120.4 as a component of SUSE Linux Enterprise Server 12 SP4-LTSS kernel-macros-4.12.14-95.120.4 as a component of SUSE Linux Enterprise Server 12 SP4-LTSS kernel-source-4.12.14-95.120.4 as a component of SUSE Linux Enterprise Server 12 SP4-LTSS kernel-syms-4.12.14-95.120.4 as a component of SUSE Linux Enterprise Server 12 SP4-LTSS kernel-default-4.12.14-95.120.4 as a component of SUSE OpenStack Cloud 9 kernel-default-base-4.12.14-95.120.4 as a component of SUSE OpenStack Cloud 9 kernel-default-devel-4.12.14-95.120.4 as a component of SUSE OpenStack Cloud 9 kernel-devel-4.12.14-95.120.4 as a component of SUSE OpenStack Cloud 9 kernel-macros-4.12.14-95.120.4 as a component of SUSE OpenStack Cloud 9 kernel-source-4.12.14-95.120.4 as a component of SUSE OpenStack Cloud 9 kernel-syms-4.12.14-95.120.4 as a component of SUSE OpenStack Cloud 9 kernel-default-4.12.14-95.120.4 as a component of SUSE OpenStack Cloud Crowbar 9 kernel-default-base-4.12.14-95.120.4 as a component of SUSE OpenStack Cloud Crowbar 9 kernel-default-devel-4.12.14-95.120.4 as a component of SUSE OpenStack Cloud Crowbar 9 kernel-devel-4.12.14-95.120.4 as a component of SUSE OpenStack Cloud Crowbar 9 kernel-macros-4.12.14-95.120.4 as a component of SUSE OpenStack Cloud Crowbar 9 kernel-source-4.12.14-95.120.4 as a component of SUSE OpenStack Cloud Crowbar 9 kernel-syms-4.12.14-95.120.4 as a component of SUSE OpenStack Cloud Crowbar 9 A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information. CVE-2021-4203 SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4 SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4 SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20230852-1/ https://www.suse.com/security/cve/CVE-2021-4203.html CVE-2021-4203 https://bugzilla.suse.com/1194535 SUSE Bug 1194535 A heap-based buffer overflow was found in the Linux kernel's LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability. CVE-2022-2991 SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4 SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4 SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20230852-1/ https://www.suse.com/security/cve/CVE-2022-2991.html CVE-2022-2991 https://bugzilla.suse.com/1201420 SUSE Bug 1201420 https://bugzilla.suse.com/1203993 SUSE Bug 1203993 https://bugzilla.suse.com/1211495 SUSE Bug 1211495 An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS). CVE-2022-36280 SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4 SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4 SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20230852-1/ https://www.suse.com/security/cve/CVE-2022-36280.html CVE-2022-36280 https://bugzilla.suse.com/1203332 SUSE Bug 1203332 A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS). CVE-2022-38096 SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4 SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4 SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20230852-1/ https://www.suse.com/security/cve/CVE-2022-38096.html CVE-2022-38096 https://bugzilla.suse.com/1203331 SUSE Bug 1203331 A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service. CVE-2022-4129 SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4 SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4 SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20230852-1/ https://www.suse.com/security/cve/CVE-2022-4129.html CVE-2022-4129 https://bugzilla.suse.com/1205711 SUSE Bug 1205711 The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ib_prctl_set  function updates the Thread Information Flags (TIFs) for the task and updates the SPEC_CTRL MSR on the function __speculation_ctrl_update, but the IBPB is only issued on the next schedule, when the TIF bits are checked. This leaves the victim vulnerable to values already injected on the BTB, prior to the prctl syscall.  The patch that added the support for the conditional mitigation via prctl (ib_prctl_set) dates back to the kernel 4.9.176. We recommend upgrading past commit a664ec9158eeddd75121d39c9a0758016097fa96 CVE-2023-0045 SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4 SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4 SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20230852-1/ https://www.suse.com/security/cve/CVE-2023-0045.html CVE-2023-0045 https://bugzilla.suse.com/1207773 SUSE Bug 1207773 A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 ("net: sched: fix race condition in qdisc_graft()") not applied yet, then kernel could be affected. CVE-2023-0590 SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4 SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4 SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20230852-1/ https://www.suse.com/security/cve/CVE-2023-0590.html CVE-2023-0590 https://bugzilla.suse.com/1207795 SUSE Bug 1207795 https://bugzilla.suse.com/1207822 SUSE Bug 1207822 https://bugzilla.suse.com/1211495 SUSE Bug 1211495 https://bugzilla.suse.com/1211833 SUSE Bug 1211833 In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition. CVE-2023-23559 SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4 SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4 SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20230852-1/ https://www.suse.com/security/cve/CVE-2023-23559.html CVE-2023-23559 https://bugzilla.suse.com/1207051 SUSE Bug 1207051 In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device. CVE-2023-26545 SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.120.4 SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.120.4 SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.120.4 SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_120-default-1-6.3.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.120.4 SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.120.4 SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.120.4 SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.120.4 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20230852-1/ https://www.suse.com/security/cve/CVE-2023-26545.html CVE-2023-26545 https://bugzilla.suse.com/1208700 SUSE Bug 1208700 https://bugzilla.suse.com/1208909 SUSE Bug 1208909 https://bugzilla.suse.com/1210423 SUSE Bug 1210423