Security update for the Linux Kernel

Announcement ID:	SUSE-SU-2023:3392-1
Rating:	important
References:	#1206418 #1207088 #1210584 #1211738 #1211867 #1212301 #1212741 #1212835 #1213059 #1213167 #1213286 #1213287 #1213546 #1213585 #1213586 #1213588 #1213970 #1214019
Cross-References:	CVE-2022-40982 CVE-2023-0459 CVE-2023-20569 CVE-2023-20593 CVE-2023-2985 CVE-2023-34319 CVE-2023-35001 CVE-2023-3567 CVE-2023-3609 CVE-2023-3611 CVE-2023-3776 CVE-2023-4133 CVE-2023-4194
CVSS scores:	CVE-2022-40982 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2022-40982 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N CVE-2023-0459 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2023-0459 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2023-20569 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N CVE-2023-20569 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2023-20593 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2023-20593 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2023-2985 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2023-2985 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-34319 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H CVE-2023-35001 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-35001 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-3567 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-3567 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2023-3609 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-3609 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-3611 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2023-3611 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-3776 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2023-3776 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-4133 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2023-4133 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-4194 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2023-4194 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Affected Products:	openSUSE Leap 15.4 openSUSE Leap 15.5 SUSE CaaS Platform 4.0 SUSE Linux Enterprise High Availability Extension 15 SP1 SUSE Linux Enterprise High Performance Computing 15 SP1 SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 SUSE Linux Enterprise Live Patching 15-SP1 SUSE Linux Enterprise Server 15 SP1 SUSE Linux Enterprise Server 15 SP1 Business Critical Linux 15-SP1 SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Manager Proxy 4.0 SUSE Manager Retail Branch Server 4.0 SUSE Manager Server 4.0

An update that solves 13 vulnerabilities and has five fixes can now be installed.

Description:

The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

• CVE-2022-40982: Fixed transient execution attack called "Gather Data Sampling" (bsc#1206418).
• CVE-2023-0459: Fixed information leak in __uaccess_begin_nospec (bsc#1211738).
• CVE-2023-20569: Fixed side channel attack ‘Inception’ or ‘RAS Poisoning’ (bsc#1213287).
• CVE-2023-20593: Fixed a ZenBleed issue in "Zen 2" CPUs that could allow an attacker to potentially access sensitive information (bsc#1213286).
• CVE-2023-2985: Fixed an use-after-free vulnerability in hfsplus_put_super in fs/hfsplus/super.c that could allow a local user to cause a denial of service (bsc#1211867).
• CVE-2023-34319: Fixed buffer overrun triggered by unusual packet in xen/netback (XSA-432) (bsc#1213546).
• CVE-2023-35001: Fixed an out-of-bounds memory access flaw in nft_byteorder that could allow a local attacker to escalate their privilege (bsc#1213059).
• CVE-2023-3567: Fixed a use-after-free in vcs_read in drivers/tty/vt/vc_screen.c (bsc#1213167).
• CVE-2023-3609: Fixed reference counter leak leading to overflow in net/sched (bsc#1213586).
• CVE-2023-3611: Fixed an out-of-bounds write in net/sched sch_qfq(bsc#1213585).
• CVE-2023-3776: Fixed improper refcount update in cls_fw leads to use-after-free (bsc#1213588).
• CVE-2023-4133: Fixed use after free bugs caused by circular dependency problem in cxgb4 (bsc#1213970).
• CVE-2023-4194: Fixed a type confusion in net tun_chr_open() bsc#1214019).

The following non-security bugs were fixed:

• arm: spear: do not use timer namespace for timer_shutdown() function (bsc#1213970).
• clocksource/drivers/arm_arch_timer: do not use timer namespace for timer_shutdown() function (bsc#1213970).
• clocksource/drivers/sp804: do not use timer namespace for timer_shutdown() function (bsc#1213970).
• cpufeatures: allow adding more cpuid words
• get module prefix from kmod (bsc#1212835).
• kernel-binary.spec.in: remove superfluous %% in supplements fixes: 02b7735e0caf ("rpm/kernel-binary.spec.in: add enhances and supplements tags to in-tree kmps")
• kernel-docs: add buildrequires on python3-base when using python3 the python3 binary is provided by python3-base.
• kernel-docs: use python3 together with python3-sphinx (bsc#1212741).
• keys: change keyring_serialise_link_sem to a mutex (bsc#1207088).
• keys: fix linking a duplicate key to a keyring's assoc_array (bsc#1207088).
• keys: hoist locking out of __key_link_begin() (bsc#1207088).
• net/sched: sch_qfq: refactor parsing of netlink parameters (bsc#1213585).
• net: mana: add support for vlan tagging (bsc#1212301).
• readme.branch: add myself as co-maintainer
• remove more packaging cruft for sle < 12 sp3
• rpm/check-for-config-changes: ignore also pahole_has_* we now also have options like config_pahole_has_lang_exclude.
• rpm/check-for-config-changes: ignore also riscv_isa_ and dynamic_sigframe they depend on config_toolchain_has_.
• timers: add shutdown mechanism to the internal functions (bsc#1213970).
• timers: provide timer_shutdown_sync (bsc#1213970).
• timers: rename del_timer() to timer_delete() (bsc#1213970).
• timers: rename del_timer_sync() to timer_delete_sync() (bsc#1213970).
• timers: replace bug_on()s (bsc#1213970).
• timers: silently ignore timers with a null function (bsc#1213970).
• timers: split [try_to_]del_timer_sync to prepare for shutdown mode (bsc#1213970).
• timers: update kernel-doc for various functions (bsc#1213970).
• timers: use del_timer_sync() even on up (bsc#1213970).
• ubi: ensure that vid header offset + vid header size <= alloc, size (bsc#1210584).
• ubi: fix failure attaching when vid_hdr offset equals to (sub)page size (bsc#1210584).
• usrmerge: Adjust module path in the kernel sources (bsc#1212835).

Special Instructions and Notes:

• Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE Important update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• openSUSE Leap 15.4
  zypper in -t patch openSUSE-SLE-15.4-2023-3392=1
• openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2023-3392=1
• SUSE Linux Enterprise Live Patching 15-SP1
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP1-2023-3392=1
• SUSE Linux Enterprise High Availability Extension 15 SP1
  zypper in -t patch SUSE-SLE-Product-HA-15-SP1-2023-3392=1
• SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-3392=1
• SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-3392=1
• SUSE Linux Enterprise Server for SAP Applications 15 SP1
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2023-3392=1
• SUSE CaaS Platform 4.0
  To install this update, use the SUSE CaaS Platform 'skuba' tool. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way.

Package List:

• openSUSE Leap 15.4 (nosrc)
  • kernel-kvmsmall-4.12.14-150100.197.154.1
  • kernel-default-4.12.14-150100.197.154.1
  • kernel-debug-4.12.14-150100.197.154.1
  • kernel-zfcpdump-4.12.14-150100.197.154.1
• openSUSE Leap 15.4 (ppc64le x86_64)
  • kernel-debug-base-debuginfo-4.12.14-150100.197.154.1
  • kernel-debug-base-4.12.14-150100.197.154.1
• openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
  • kernel-vanilla-devel-4.12.14-150100.197.154.1
  • kernel-vanilla-base-debuginfo-4.12.14-150100.197.154.1
  • kernel-vanilla-debuginfo-4.12.14-150100.197.154.1
  • kernel-vanilla-livepatch-devel-4.12.14-150100.197.154.1
  • kernel-vanilla-debugsource-4.12.14-150100.197.154.1
  • kernel-default-base-debuginfo-4.12.14-150100.197.154.1
  • kernel-vanilla-devel-debuginfo-4.12.14-150100.197.154.1
  • kernel-vanilla-base-4.12.14-150100.197.154.1
• openSUSE Leap 15.4 (x86_64)
  • kernel-kvmsmall-base-debuginfo-4.12.14-150100.197.154.1
  • kernel-kvmsmall-base-4.12.14-150100.197.154.1
• openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 nosrc)
  • kernel-vanilla-4.12.14-150100.197.154.1
• openSUSE Leap 15.4 (s390x)
  • kernel-default-man-4.12.14-150100.197.154.1
  • kernel-zfcpdump-man-4.12.14-150100.197.154.1
• openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 nosrc)
  • kernel-vanilla-4.12.14-150100.197.154.1
• openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
  • kernel-vanilla-devel-4.12.14-150100.197.154.1
  • kernel-vanilla-base-debuginfo-4.12.14-150100.197.154.1
  • kernel-vanilla-debuginfo-4.12.14-150100.197.154.1
  • kernel-vanilla-livepatch-devel-4.12.14-150100.197.154.1
  • kernel-vanilla-debugsource-4.12.14-150100.197.154.1
  • kernel-vanilla-devel-debuginfo-4.12.14-150100.197.154.1
  • kernel-vanilla-base-4.12.14-150100.197.154.1
• SUSE Linux Enterprise Live Patching 15-SP1 (nosrc)
  • kernel-default-4.12.14-150100.197.154.1
• SUSE Linux Enterprise Live Patching 15-SP1 (ppc64le x86_64)
  • kernel-default-debuginfo-4.12.14-150100.197.154.1
  • kernel-default-debugsource-4.12.14-150100.197.154.1
  • kernel-default-livepatch-4.12.14-150100.197.154.1
  • kernel-default-livepatch-devel-4.12.14-150100.197.154.1
  • kernel-livepatch-4_12_14-150100_197_154-default-1-150100.3.3.1
• SUSE Linux Enterprise High Availability Extension 15 SP1 (aarch64 ppc64le s390x x86_64)
  • gfs2-kmp-default-debuginfo-4.12.14-150100.197.154.1
  • kernel-default-debuginfo-4.12.14-150100.197.154.1
  • kernel-default-debugsource-4.12.14-150100.197.154.1
  • ocfs2-kmp-default-debuginfo-4.12.14-150100.197.154.1
  • dlm-kmp-default-debuginfo-4.12.14-150100.197.154.1
  • gfs2-kmp-default-4.12.14-150100.197.154.1
  • cluster-md-kmp-default-4.12.14-150100.197.154.1
  • ocfs2-kmp-default-4.12.14-150100.197.154.1
  • cluster-md-kmp-default-debuginfo-4.12.14-150100.197.154.1
  • dlm-kmp-default-4.12.14-150100.197.154.1
• SUSE Linux Enterprise High Availability Extension 15 SP1 (nosrc)
  • kernel-default-4.12.14-150100.197.154.1
• SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (aarch64 nosrc x86_64)
  • kernel-default-4.12.14-150100.197.154.1
• SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (aarch64 x86_64)
  • kernel-obs-build-debugsource-4.12.14-150100.197.154.1
  • kernel-default-debuginfo-4.12.14-150100.197.154.1
  • kernel-default-debugsource-4.12.14-150100.197.154.1
  • kernel-default-devel-debuginfo-4.12.14-150100.197.154.1
  • kernel-default-devel-4.12.14-150100.197.154.1
  • kernel-default-base-debuginfo-4.12.14-150100.197.154.1
  • kernel-syms-4.12.14-150100.197.154.1
  • kernel-default-base-4.12.14-150100.197.154.1
  • kernel-obs-build-4.12.14-150100.197.154.1
• SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (noarch)
  • kernel-source-4.12.14-150100.197.154.1
  • kernel-macros-4.12.14-150100.197.154.1
  • kernel-devel-4.12.14-150100.197.154.1
• SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (noarch nosrc)
  • kernel-docs-4.12.14-150100.197.154.1
• SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (aarch64 ppc64le s390x x86_64 nosrc)
  • kernel-default-4.12.14-150100.197.154.1
• SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (aarch64 ppc64le s390x x86_64)
  • kernel-obs-build-debugsource-4.12.14-150100.197.154.1
  • reiserfs-kmp-default-4.12.14-150100.197.154.1
  • kernel-default-debuginfo-4.12.14-150100.197.154.1
  • kernel-default-debugsource-4.12.14-150100.197.154.1
  • kernel-default-devel-debuginfo-4.12.14-150100.197.154.1
  • kernel-default-devel-4.12.14-150100.197.154.1
  • kernel-default-base-debuginfo-4.12.14-150100.197.154.1
  • reiserfs-kmp-default-debuginfo-4.12.14-150100.197.154.1
  • kernel-syms-4.12.14-150100.197.154.1
  • kernel-default-base-4.12.14-150100.197.154.1
  • kernel-obs-build-4.12.14-150100.197.154.1
• SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (noarch)
  • kernel-source-4.12.14-150100.197.154.1
  • kernel-macros-4.12.14-150100.197.154.1
  • kernel-devel-4.12.14-150100.197.154.1
• SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (noarch nosrc)
  • kernel-docs-4.12.14-150100.197.154.1
• SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (s390x)
  • kernel-default-man-4.12.14-150100.197.154.1
  • kernel-zfcpdump-debugsource-4.12.14-150100.197.154.1
  • kernel-zfcpdump-debuginfo-4.12.14-150100.197.154.1
• SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (nosrc)
  • kernel-zfcpdump-4.12.14-150100.197.154.1
• SUSE Linux Enterprise Server for SAP Applications 15 SP1 (nosrc ppc64le x86_64)
  • kernel-default-4.12.14-150100.197.154.1
• SUSE Linux Enterprise Server for SAP Applications 15 SP1 (ppc64le x86_64)
  • kernel-obs-build-debugsource-4.12.14-150100.197.154.1
  • reiserfs-kmp-default-4.12.14-150100.197.154.1
  • kernel-default-debuginfo-4.12.14-150100.197.154.1
  • kernel-default-debugsource-4.12.14-150100.197.154.1
  • kernel-default-devel-debuginfo-4.12.14-150100.197.154.1
  • kernel-default-devel-4.12.14-150100.197.154.1
  • kernel-default-base-debuginfo-4.12.14-150100.197.154.1
  • reiserfs-kmp-default-debuginfo-4.12.14-150100.197.154.1
  • kernel-syms-4.12.14-150100.197.154.1
  • kernel-default-base-4.12.14-150100.197.154.1
  • kernel-obs-build-4.12.14-150100.197.154.1
• SUSE Linux Enterprise Server for SAP Applications 15 SP1 (noarch)
  • kernel-source-4.12.14-150100.197.154.1
  • kernel-macros-4.12.14-150100.197.154.1
  • kernel-devel-4.12.14-150100.197.154.1
• SUSE Linux Enterprise Server for SAP Applications 15 SP1 (noarch nosrc)
  • kernel-docs-4.12.14-150100.197.154.1
• SUSE CaaS Platform 4.0 (nosrc x86_64)
  • kernel-default-4.12.14-150100.197.154.1
• SUSE CaaS Platform 4.0 (x86_64)
  • kernel-obs-build-debugsource-4.12.14-150100.197.154.1
  • reiserfs-kmp-default-4.12.14-150100.197.154.1
  • kernel-default-debuginfo-4.12.14-150100.197.154.1
  • kernel-default-debugsource-4.12.14-150100.197.154.1
  • kernel-default-devel-debuginfo-4.12.14-150100.197.154.1
  • kernel-default-devel-4.12.14-150100.197.154.1
  • kernel-default-base-debuginfo-4.12.14-150100.197.154.1
  • reiserfs-kmp-default-debuginfo-4.12.14-150100.197.154.1
  • kernel-syms-4.12.14-150100.197.154.1
  • kernel-default-base-4.12.14-150100.197.154.1
  • kernel-obs-build-4.12.14-150100.197.154.1
• SUSE CaaS Platform 4.0 (noarch)
  • kernel-source-4.12.14-150100.197.154.1
  • kernel-macros-4.12.14-150100.197.154.1
  • kernel-devel-4.12.14-150100.197.154.1
• SUSE CaaS Platform 4.0 (noarch nosrc)
  • kernel-docs-4.12.14-150100.197.154.1

References:

• https://www.suse.com/security/cve/CVE-2022-40982.html
• https://www.suse.com/security/cve/CVE-2023-0459.html
• https://www.suse.com/security/cve/CVE-2023-20569.html
• https://www.suse.com/security/cve/CVE-2023-20593.html
• https://www.suse.com/security/cve/CVE-2023-2985.html
• https://www.suse.com/security/cve/CVE-2023-34319.html
• https://www.suse.com/security/cve/CVE-2023-35001.html
• https://www.suse.com/security/cve/CVE-2023-3567.html
• https://www.suse.com/security/cve/CVE-2023-3609.html
• https://www.suse.com/security/cve/CVE-2023-3611.html
• https://www.suse.com/security/cve/CVE-2023-3776.html
• https://www.suse.com/security/cve/CVE-2023-4133.html
• https://www.suse.com/security/cve/CVE-2023-4194.html
• https://bugzilla.suse.com/show_bug.cgi?id=1206418
• https://bugzilla.suse.com/show_bug.cgi?id=1207088
• https://bugzilla.suse.com/show_bug.cgi?id=1210584
• https://bugzilla.suse.com/show_bug.cgi?id=1211738
• https://bugzilla.suse.com/show_bug.cgi?id=1211867
• https://bugzilla.suse.com/show_bug.cgi?id=1212301
• https://bugzilla.suse.com/show_bug.cgi?id=1212741
• https://bugzilla.suse.com/show_bug.cgi?id=1212835
• https://bugzilla.suse.com/show_bug.cgi?id=1213059
• https://bugzilla.suse.com/show_bug.cgi?id=1213167
• https://bugzilla.suse.com/show_bug.cgi?id=1213286
• https://bugzilla.suse.com/show_bug.cgi?id=1213287
• https://bugzilla.suse.com/show_bug.cgi?id=1213546
• https://bugzilla.suse.com/show_bug.cgi?id=1213585
• https://bugzilla.suse.com/show_bug.cgi?id=1213586
• https://bugzilla.suse.com/show_bug.cgi?id=1213588
• https://bugzilla.suse.com/show_bug.cgi?id=1213970
• https://bugzilla.suse.com/show_bug.cgi?id=1214019