{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_security_advisory","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"Security update for the Linux Kernel","title":"Title of the patch"},{"category":"description","text":"\nThe SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2023-39194: Fixed an out of bounds read in the XFRM subsystem (bsc#1215861).\n- CVE-2023-39193: Fixed an out of bounds read in the xtables subsystem (bsc#1215860).\n- CVE-2023-39192: Fixed an out of bounds read in the netfilter (bsc#1215858).\n- CVE-2023-42754: Fixed a NULL pointer dereference in the IPv4 stack that could lead to denial of service (bsc#1215467).\n- CVE-2023-4389: Fixed a reference counting issue in the Btrfs filesystem that could be exploited in order to leak internal kernel information or crash the system (bsc#1214351).\n- CVE-2023-5345: fixed an use-after-free vulnerability in the fs/smb/client component which could be exploited to achieve local privilege escalation. (bsc#1215899)\n- CVE-2023-42753: Fixed an array indexing vulnerability in the netfilter subsystem. This issue may have allowed a local user to crash the system or potentially escalate their privileges (bsc#1215150).\n- CVE-2023-1206: Fixed a hash collision flaw in the IPv6 connection lookup table. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95% (bsc#1212703).\n- CVE-2023-4921: Fixed a use-after-free vulnerability in the QFQ network scheduler which could be exploited to achieve local privilege escalatio (bsc#1215275).\n- CVE-2023-4622: Fixed a use-after-free vulnerability in the Unix domain sockets component which could be exploited to achieve local privilege escalation (bsc#1215117).\n- CVE-2023-4623: Fixed a use-after-free issue in the HFSC network scheduler which could be exploited to achieve local privilege escalation (bsc#1215115).\n- CVE-2023-4155: Fixed a flaw in KVM AMD Secure Encrypted Virtualization (SEV). An attacker can trigger a stack overflow and cause a denial of service or potentially guest-to-host escape in kernel configurations without stack guard pages. (bsc#1214022)\n\nThe following non-security bugs were fixed:\n\n- ALSA: hda/realtek: Splitting the UX3402 into two separate models (git-fixes).\n- arm64: module-plts: inline linux/moduleloader.h (git-fixes)\n- arm64: module: Use module_init_layout_section() to spot init sections (git-fixes)\n- arm64: sdei: abort running SDEI handlers during crash (git-fixes)\n- arm64: tegra: Update AHUB clock parent and rate (git-fixes)\n- arm64/fpsimd: Only provide the length to cpufeature for xCR registers (git-fixes)\n- ASoC: amd: yc: Fix non-functional mic on Lenovo 82QF and 82UG (git-fixes).\n- ASoC: hdaudio.c: Add missing check for devm_kstrdup (git-fixes).\n- ASoC: imx-audmix: Fix return error with devm_clk_get() (git-fixes).\n- ASoC: meson: spdifin: start hw on dai probe (git-fixes).\n- ASoC: rt5640: Fix IRQ not being free-ed for HDA jack detect mode (git-fixes).\n- ASoC: rt5640: Fix sleep in atomic context (git-fixes).\n- ASoC: rt5640: Revert 'Fix sleep in atomic context' (git-fixes).\n- ASoC: soc-utils: Export snd_soc_dai_is_dummy() symbol (git-fixes).\n- ASoC: SOF: core: Only call sof_ops_free() on remove if the probe was successful (git-fixes).\n- ASoC: tegra: Fix redundant PLLA and PLLA_OUT0 updates (git-fixes).\n- blk-iocost: fix divide by 0 error in calc_lcoefs() (bsc#1214986).\n- blk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost (bsc#1214992).\n- block/mq-deadline: use correct way to throttling write requests (bsc#1214993).\n- bnx2x: new flag for track HW resource allocation (bsc#1202845 bsc#1215322).\n- clocksource: hyper-v: Mark hyperv tsc page unencrypted in sev-snp enlightened guest (bsc#1206453).\n- drivers: hv: Mark percpu hvcall input arg page unencrypted in SEV-SNP enlightened guest (bsc#1206453).\n- Drivers: hv: vmbus: Bring the post_msg_page back for TDX VMs with the paravisor (bsc#1206453).\n- Drivers: hv: vmbus: Support >64 VPs for a fully enlightened TDX/SNP VM (bsc#1206453).\n- Drivers: hv: vmbus: Support fully enlightened TDX guests (bsc#1206453).\n- drm/ast: Add BMC virtual connector (bsc#1152472) Backporting changes: \t* rename ast_device to ast_private\n- drm/ast: report connection status on Display Port. (bsc#1152472) Backporting changes: \t* rename ast_device to ast_private \t* context changes\n- drm/display: Do not assume dual mode adaptors support i2c sub-addressing (bsc#1213808).\n- drm/meson: fix memory leak on ->hpd_notify callback (git-fixes).\n- drm/virtio: Correct drm_gem_shmem_get_sg_table() error handling (git-fixes).\n- drm/virtio: Use appropriate atomic state in virtio_gpu_plane_cleanup_fb() (git-fixes).\n- ext4: avoid potential data overflow in next_linear_group (bsc#1214951).\n- ext4: correct inline offset when handling xattrs in inode body (bsc#1214950).\n- ext4: fix memory leaks in ext4_fname_{setup_filename,prepare_lookup} (bsc#1214954).\n- ext4: fix wrong unit use in ext4_mb_clear_bb (bsc#1214943).\n- ext4: fix wrong unit use in ext4_mb_new_blocks (bsc#1214944).\n- ext4: get block from bh in ext4_free_blocks for fast commit replay (bsc#1214942).\n- ext4: reflect error codes from ext4_multi_mount_protect() to its callers (bsc#1214941).\n- ext4: Remove ext4 locking of moved directory (bsc#1214957).\n- ext4: set goal start correctly in ext4_mb_normalize_request (bsc#1214940).\n- fs: Establish locking order for unrelated directories (bsc#1214958).\n- fs: Lock moved directories (bsc#1214959).\n- fs: lockd: avoid possible wrong NULL parameter (git-fixes).\n- fs: no need to check source (bsc#1215752).\n- fuse: nlookup missing decrement in fuse_direntplus_link (bsc#1215581).\n- gve: Add AF_XDP zero-copy support for GQI-QPL format (bsc#1214479).\n- gve: Add XDP DROP and TX support for GQI-QPL format (bsc#1214479).\n- gve: Add XDP REDIRECT support for GQI-QPL format (bsc#1214479).\n- gve: Changes to add new TX queues (bsc#1214479).\n- gve: Control path for DQO-QPL (bsc#1214479).\n- gve: fix frag_list chaining (bsc#1214479).\n- gve: Fix gve interrupt names (bsc#1214479).\n- gve: RX path for DQO-QPL (bsc#1214479).\n- gve: trivial spell fix Recive to Receive (bsc#1214479).\n- gve: Tx path for DQO-QPL (bsc#1214479).\n- gve: Unify duplicate GQ min pkt desc size constants (bsc#1214479).\n- gve: use vmalloc_array and vcalloc (bsc#1214479).\n- gve: XDP support GQI-QPL: helper function changes (bsc#1214479).\n- hwrng: virtio - add an internal buffer (git-fixes).\n- hwrng: virtio - always add a pending request (git-fixes).\n- hwrng: virtio - do not wait on cleanup (git-fixes).\n- hwrng: virtio - do not waste entropy (git-fixes).\n- hwrng: virtio - Fix race on data_avail and actual data (git-fixes).\n- i915/pmu: Move execlist stats initialization to execlist specific setup (git-fixes).\n- iommu/virtio: Detach domain on endpoint release (git-fixes).\n- iommu/virtio: Return size mapped for a detached domain (git-fixes).\n- jbd2: check 'jh->b_transaction' before removing it from checkpoint (bsc#1214953).\n- jbd2: correct the end of the journal recovery scan range (bsc#1214955).\n- jbd2: fix a race when checking checkpoint buffer busy (bsc#1214949).\n- jbd2: fix checkpoint cleanup performance regression (bsc#1214952).\n- jbd2: Fix wrongly judgement for buffer head removing while doing checkpoint (bsc#1214948).\n- jbd2: recheck chechpointing non-dirty buffer (bsc#1214945).\n- jbd2: remove journal_clean_one_cp_list() (bsc#1214947).\n- jbd2: remove t_checkpoint_io_list (bsc#1214946).\n- jbd2: restore t_checkpoint_io_list to maintain kABI (bsc#1214946).\n- kernel-binary: Move build-time definitions together Move source list and build architecture to buildrequires to aid in future reorganization of the spec template.\n- kernel-binary: python3 is needed for build At least scripts/bpf_helpers_doc.py requires python3 since Linux 4.18 Other simimlar scripts may exist.\n- KVM: s390: fix KVM_S390_GET_CMMA_BITS for GFNs in memslot holes (git-fixes bsc#1215915).\n- KVM: s390: interrupt: use READ_ONCE() before cmpxchg() (git-fixes bsc#1215896).\n- KVM: s390: pv: fix external interruption loop not always detected (git-fixes bsc#1215916).\n- KVM: s390: vsie: Fix the initialization of the epoch extension (epdx) field (git-fixes bsc#1215894).\n- KVM: s390: vsie: fix the length of APCB bitmap (git-fixes bsc#1215895).\n- KVM: s390/diag: fix racy access of physical cpu number in diag 9c handler (git-fixes bsc#1215911).\n- KVM: x86: Fix KVM_CAP_SYNC_REGS's sync_regs() TOCTOU issues (git-fixes).\n- KVM: x86/mmu: Include mmu.h in spte.h (git-fixes).\n- loop: Fix use-after-free issues (bsc#1214991).\n- loop: loop_set_status_from_info() check before assignment (bsc#1214990).\n- module: Expose module_init_layout_section() (git-fixes)\n- net: do not allow gso_size to be set to GSO_BY_FRAGS (git-fixes).\n- net: mana: Add page pool for RX buffers (bsc#1214040).\n- net: mana: Configure hwc timeout from hardware (bsc#1214037).\n- net: usb: qmi_wwan: add Quectel EM05GV2 (git-fixes).\n- NFS: Guard against READDIR loop when entry names exceed MAXNAMELEN (git-fixes).\n- nfs/blocklayout: Use the passed in gfp flags (git-fixes).\n- NFS/pNFS: Report EINVAL errors from connect() to the server (git-fixes).\n- NFSD: da_addr_body field missing in some GETDEVICEINFO replies (git-fixes).\n- nfsd: fix change_info in NFSv4 RENAME replies (git-fixes).\n- nfsd: Fix race to FREE_STATEID and cl_revoked (git-fixes).\n- NFSv4: Fix dropped lock for racing OPEN and delegation return (git-fixes).\n- NFSv4: fix out path in __nfs4_get_acl_uncached (git-fixes).\n- NFSv4.2: fix error handling in nfs42_proc_getxattr (git-fixes).\n- NFSv4.2: fix handling of COPY ERR_OFFLOAD_NO_REQ (git-fixes).\n- NFSv4/pnfs: minor fix for cleanup path in nfs4_get_device_info (git-fixes).\n- nvme-auth: use chap->s2 to indicate bidirectional authentication (bsc#1214543).\n- nvme-tcp: add recovery_delay to sysfs (bsc#1201284).\n- nvme-tcp: delay error recovery until the next KATO interval (bsc#1201284).\n- nvme-tcp: Do not terminate commands when in RESETTING (bsc#1201284).\n- nvme-tcp: make 'err_work' a delayed work (bsc#1201284).\n- platform/x86: intel_scu_ipc: Check status after timeout in busy_loop() (git-fixes).\n- platform/x86: intel_scu_ipc: Check status upon timeout in ipc_wait_for_interrupt() (git-fixes).\n- platform/x86: intel_scu_ipc: Do not override scu in intel_scu_ipc_dev_simple_command() (git-fixes).\n- platform/x86: intel_scu_ipc: Fail IPC send if still busy (git-fixes).\n- pNFS: Fix assignment of xprtdata.cred (git-fixes).\n- powerpc/fadump: make is_kdump_kernel() return false when fadump is active (bsc#1212639 ltc#202582).\n- printk: ringbuffer: Fix truncating buffer size min_t cast (bsc#1215875).\n- quota: add new helper dquot_active() (bsc#1214998).\n- quota: factor out dquot_write_dquot() (bsc#1214995).\n- quota: fix dqput() to follow the guarantees dquot_srcu should provide (bsc#1214963).\n- quota: fix warning in dqgrab() (bsc#1214962).\n- quota: Properly disable quotas when add_dquot_ref() fails (bsc#1214961).\n- quota: rename dquot_active() to inode_quota_active() (bsc#1214997).\n- RDMA/siw: Fabricate a GID on tun and loopback devices (git-fixes)\n- scsi: lpfc: Early return after marking final NLP_DROPPED flag in dev_loss_tmo (git-fixes).\n- scsi: lpfc: Fix the NULL vs IS_ERR() bug for debugfs_create_file() (git-fixes).\n- scsi: lpfc: Prevent use-after-free during rmmod with mapped NVMe rports (git-fixes).\n- scsi: qedf: Add synchronization between I/O completions and abort (bsc#1210658).\n- scsi: qla2xxx: Fix NULL vs IS_ERR() bug for debugfs_create_dir() (git-fixes).\n- scsi: qla2xxx: Use raw_smp_processor_id() instead of smp_processor_id() (git-fixes).\n- scsi: storvsc: Handle additional SRB status values (git-fixes).\n- scsi: zfcp: Fix a double put in zfcp_port_enqueue() (git-fixes bsc#1215941).\n- selftests: mlxsw: Fix test failure on Spectrum-4 (jsc#PED-1549).\n- spi: Add TPM HW flow flag (bsc#1213534)\n- spi: tegra210-quad: Enable TPM wait polling (bsc#1213534)\n- spi: tegra210-quad: set half duplex flag (bsc#1213534)\n- SUNRPC: Mark the cred for revalidation if the server rejects it (git-fixes).\n- tpm_tis_spi: Add hardware wait polling (bsc#1213534)\n- uapi: stddef.h: Fix __DECLARE_FLEX_ARRAY for C++ (git-fixes).\n- udf: Fix extension of the last extent in the file (bsc#1214964).\n- udf: Fix file corruption when appending just after end of preallocated extent (bsc#1214965).\n- udf: Fix off-by-one error when discarding preallocation (bsc#1214966).\n- udf: Fix uninitialized array access for some pathnames (bsc#1214967).\n- Update metadata\n- usb: ehci: add workaround for chipidea PORTSC.PEC bug (git-fixes).\n- usb: ehci: move new member has_ci_pec_bug into hole (git-fixes).\n- vhost_vdpa: fix the crash in unmap a large memory (git-fixes).\n- vhost-scsi: unbreak any layout for response (git-fixes).\n- vhost: allow batching hint without size (git-fixes).\n- vhost: allow batching hint without size (git-fixes).\n- vhost: fix hung thread due to erroneous iotlb entries (git-fixes).\n- vhost: handle error while adding split ranges to iotlb (git-fixes).\n- virtio_net: add checking sq is full inside xdp xmit (git-fixes).\n- virtio_net: Fix probe failed when modprobe virtio_net (git-fixes).\n- virtio_net: reorder some funcs (git-fixes).\n- virtio_net: separate the logic of checking whether sq is full (git-fixes).\n- virtio_ring: fix avail_wrap_counter in virtqueue_add_packed (git-fixes).\n- virtio-blk: set req->state to MQ_RQ_COMPLETE after polling I/O is finished (git-fixes).\n- virtio-mmio: do not break lifecycle of vm_dev (git-fixes).\n- virtio-net: fix race between set queues and probe (git-fixes).\n- virtio-net: set queues after driver_ok (git-fixes).\n- virtio-rng: make device ready before making request (git-fixes).\n- virtio: acknowledge all features before access (git-fixes).\n- vmcore: remove dependency with is_kdump_kernel() for exporting vmcore (bsc#1212639 ltc#202582).\n- x86/coco: Allow CPU online/offline for a TDX VM with the paravisor on Hyper-V (bsc#1206453).\n- x86/coco: Export cc_vendor (bsc#1206453).\n- x86/hyperv: Add hv_write_efer() for a TDX VM with the paravisor (bsc#1206453).\n- x86/hyperv: Add hyperv-specific handling for VMMCALL under SEV-ES (bsc#1206453).\n- x86/hyperv: Add missing 'inline' to hv_snp_boot_ap() stub (bsc#1206453).\n- x86/hyperv: Add sev-snp enlightened guest static key (bsc#1206453)\n- x86/hyperv: Add smp support for SEV-SNP guest (bsc#1206453).\n- x86/hyperv: Add VTL specific structs and hypercalls (bsc#1206453).\n- x86/hyperv: Fix serial console interrupts for fully enlightened TDX guests (bsc#1206453).\n- x86/hyperv: Fix undefined reference to isolation_type_en_snp without CONFIG_HYPERV (bsc#1206453).\n- x86/hyperv: Introduce a global variable hyperv_paravisor_present (bsc#1206453).\n- x86/hyperv: Mark hv_ghcb_terminate() as noreturn (bsc#1206453).\n- x86/hyperv: Mark Hyper-V vp assist page unencrypted in SEV-SNP enlightened guest (bsc#1206453).\n- x86/hyperv: Move the code in ivm.c around to avoid unnecessary ifdef's (bsc#1206453).\n- x86/hyperv: Remove hv_isolation_type_en_snp (bsc#1206453).\n- x86/hyperv: Set Virtual Trust Level in VMBus init message (bsc#1206453).\n- x86/hyperv: Support hypercalls for fully enlightened TDX guests (bsc#1206453).\n- x86/hyperv: Use TDX GHCI to access some MSRs in a TDX VM with the paravisor (bsc#1206453).\n- x86/hyperv: Use vmmcall to implement Hyper-V hypercall in sev-snp enlightened guest (bsc#1206453).\n- x86/PVH: avoid 32-bit build warning when obtaining VGA console info (git-fixes).\n- x86/srso: Do not probe microcode in a guest (git-fixes).\n- x86/srso: Fix SBPB enablement for spec_rstack_overflow=off (git-fixes).\n- x86/srso: Fix srso_show_state() side effect (git-fixes).\n- x86/srso: Set CPUID feature bits independently of bug or mitigation status (git-fixes).\n- xen: remove a confusing comment on auto-translated guest I/O (git-fixes).\n- xprtrdma: Remap Receive buffers after a reconnect (git-fixes).\n","title":"Description of the patch"},{"category":"details","text":"SUSE-2023-4035,SUSE-SLE-Micro-5.5-2023-4035,SUSE-SLE-Module-Live-Patching-15-SP5-2023-4035,SUSE-SLE-Module-RT-15-SP5-2023-4035,openSUSE-SLE-15.5-2023-4035","title":"Patchnames"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"SUSE ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"self","summary":"URL of this CSAF notice","url":"https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_4035-1.json"},{"category":"self","summary":"URL for SUSE-SU-2023:4035-1","url":"https://www.suse.com/support/update/announcement/2023/suse-su-20234035-1/"},{"category":"self","summary":"E-Mail link for SUSE-SU-2023:4035-1","url":"https://lists.suse.com/pipermail/sle-security-updates/2023-October/016616.html"},{"category":"self","summary":"SUSE Bug 1152472","url":"https://bugzilla.suse.com/1152472"},{"category":"self","summary":"SUSE Bug 1202845","url":"https://bugzilla.suse.com/1202845"},{"category":"self","summary":"SUSE Bug 1206453","url":"https://bugzilla.suse.com/1206453"},{"category":"self","summary":"SUSE Bug 1213808","url":"https://bugzilla.suse.com/1213808"},{"category":"self","summary":"SUSE Bug 1214941","url":"https://bugzilla.suse.com/1214941"},{"category":"self","summary":"SUSE Bug 1214942","url":"https://bugzilla.suse.com/1214942"},{"category":"self","summary":"SUSE Bug 1214943","url":"https://bugzilla.suse.com/1214943"},{"category":"self","summary":"SUSE Bug 1214944","url":"https://bugzilla.suse.com/1214944"},{"category":"self","summary":"SUSE Bug 1214950","url":"https://bugzilla.suse.com/1214950"},{"category":"self","summary":"SUSE Bug 1214951","url":"https://bugzilla.suse.com/1214951"},{"category":"self","summary":"SUSE Bug 1214954","url":"https://bugzilla.suse.com/1214954"},{"category":"self","summary":"SUSE Bug 1214957","url":"https://bugzilla.suse.com/1214957"},{"category":"self","summary":"SUSE Bug 1214986","url":"https://bugzilla.suse.com/1214986"},{"category":"self","summary":"SUSE Bug 1214992","url":"https://bugzilla.suse.com/1214992"},{"category":"self","summary":"SUSE Bug 1214993","url":"https://bugzilla.suse.com/1214993"},{"category":"self","summary":"SUSE Bug 1215322","url":"https://bugzilla.suse.com/1215322"},{"category":"self","summary":"SUSE Bug 1215523","url":"https://bugzilla.suse.com/1215523"},{"category":"self","summary":"SUSE Bug 1215877","url":"https://bugzilla.suse.com/1215877"},{"category":"self","summary":"SUSE Bug 1215894","url":"https://bugzilla.suse.com/1215894"},{"category":"self","summary":"SUSE Bug 1215895","url":"https://bugzilla.suse.com/1215895"},{"category":"self","summary":"SUSE Bug 1215896","url":"https://bugzilla.suse.com/1215896"},{"category":"self","summary":"SUSE Bug 1215911","url":"https://bugzilla.suse.com/1215911"},{"category":"self","summary":"SUSE Bug 1215915","url":"https://bugzilla.suse.com/1215915"},{"category":"self","summary":"SUSE Bug 1215916","url":"https://bugzilla.suse.com/1215916"},{"category":"self","summary":"SUSE CVE CVE-2023-1206 page","url":"https://www.suse.com/security/cve/CVE-2023-1206/"},{"category":"self","summary":"SUSE CVE CVE-2023-39192 page","url":"https://www.suse.com/security/cve/CVE-2023-39192/"},{"category":"self","summary":"SUSE CVE CVE-2023-39193 page","url":"https://www.suse.com/security/cve/CVE-2023-39193/"},{"category":"self","summary":"SUSE CVE CVE-2023-39194 page","url":"https://www.suse.com/security/cve/CVE-2023-39194/"},{"category":"self","summary":"SUSE CVE CVE-2023-4155 page","url":"https://www.suse.com/security/cve/CVE-2023-4155/"},{"category":"self","summary":"SUSE CVE CVE-2023-42753 page","url":"https://www.suse.com/security/cve/CVE-2023-42753/"},{"category":"self","summary":"SUSE CVE CVE-2023-42754 page","url":"https://www.suse.com/security/cve/CVE-2023-42754/"},{"category":"self","summary":"SUSE CVE CVE-2023-4389 page","url":"https://www.suse.com/security/cve/CVE-2023-4389/"},{"category":"self","summary":"SUSE CVE CVE-2023-4622 page","url":"https://www.suse.com/security/cve/CVE-2023-4622/"},{"category":"self","summary":"SUSE CVE CVE-2023-4623 page","url":"https://www.suse.com/security/cve/CVE-2023-4623/"},{"category":"self","summary":"SUSE CVE CVE-2023-4921 page","url":"https://www.suse.com/security/cve/CVE-2023-4921/"},{"category":"self","summary":"SUSE CVE CVE-2023-5345 page","url":"https://www.suse.com/security/cve/CVE-2023-5345/"}],"title":"Security update for the Linux Kernel","tracking":{"current_release_date":"2023-10-10T14:42:43Z","generator":{"date":"2023-10-10T14:42:43Z","engine":{"name":"cve-database.git:bin/generate-csaf.pl","version":"1"}},"id":"SUSE-SU-2023:4035-1","initial_release_date":"2023-10-10T14:42:43Z","revision_history":[{"date":"2023-10-10T14:42:43Z","number":"1","summary":"Current version"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_version","name":"kernel-devel-rt-5.14.21-150500.13.21.1.noarch","product":{"name":"kernel-devel-rt-5.14.21-150500.13.21.1.noarch","product_id":"kernel-devel-rt-5.14.21-150500.13.21.1.noarch"}},{"category":"product_version","name":"kernel-source-rt-5.14.21-150500.13.21.1.noarch","product":{"name":"kernel-source-rt-5.14.21-150500.13.21.1.noarch","product_id":"kernel-source-rt-5.14.21-150500.13.21.1.noarch"}}],"category":"architecture","name":"noarch"},{"branches":[{"category":"product_version","name":"cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","product":{"name":"cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","product_id":"cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64"}},{"category":"product_version","name":"dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","product":{"name":"dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","product_id":"dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64"}},{"category":"product_version","name":"gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","product":{"name":"gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","product_id":"gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64"}},{"category":"product_version","name":"kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","product":{"name":"kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","product_id":"kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64"}},{"category":"product_version","name":"kernel-rt-5.14.21-150500.13.21.1.x86_64","product":{"name":"kernel-rt-5.14.21-150500.13.21.1.x86_64","product_id":"kernel-rt-5.14.21-150500.13.21.1.x86_64"}},{"category":"product_version","name":"kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","product":{"name":"kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","product_id":"kernel-rt-devel-5.14.21-150500.13.21.1.x86_64"}},{"category":"product_version","name":"kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","product":{"name":"kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","product_id":"kernel-rt-extra-5.14.21-150500.13.21.1.x86_64"}},{"category":"product_version","name":"kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","product":{"name":"kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","product_id":"kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64"}},{"category":"product_version","name":"kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","product":{"name":"kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","product_id":"kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64"}},{"category":"product_version","name":"kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","product":{"name":"kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","product_id":"kernel-rt-optional-5.14.21-150500.13.21.1.x86_64"}},{"category":"product_version","name":"kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","product":{"name":"kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","product_id":"kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64"}},{"category":"product_version","name":"kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","product":{"name":"kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","product_id":"kernel-rt_debug-5.14.21-150500.13.21.1.x86_64"}},{"category":"product_version","name":"kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","product":{"name":"kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","product_id":"kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64"}},{"category":"product_version","name":"kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","product":{"name":"kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","product_id":"kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64"}},{"category":"product_version","name":"kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","product":{"name":"kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","product_id":"kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64"}},{"category":"product_version","name":"kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","product":{"name":"kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","product_id":"kernel-syms-rt-5.14.21-150500.13.21.1.x86_64"}},{"category":"product_version","name":"kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","product":{"name":"kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","product_id":"kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64"}},{"category":"product_version","name":"ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","product":{"name":"ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","product_id":"ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64"}},{"category":"product_version","name":"reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64","product":{"name":"reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64","product_id":"reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"}}],"category":"architecture","name":"x86_64"},{"branches":[{"category":"product_name","name":"SUSE Linux Enterprise Micro 5.5","product":{"name":"SUSE Linux Enterprise Micro 5.5","product_id":"SUSE Linux Enterprise Micro 5.5","product_identification_helper":{"cpe":"cpe:/o:suse:sle-micro:5.5"}}},{"category":"product_name","name":"SUSE Linux Enterprise Live Patching 15 SP5","product":{"name":"SUSE Linux Enterprise Live Patching 15 SP5","product_id":"SUSE Linux Enterprise Live Patching 15 SP5","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-live-patching:15:sp5"}}},{"category":"product_name","name":"SUSE Real Time Module 15 SP5","product":{"name":"SUSE Real Time Module 15 SP5","product_id":"SUSE Real Time Module 15 SP5","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-rt:15:sp5"}}},{"category":"product_name","name":"openSUSE Leap 15.5","product":{"name":"openSUSE Leap 15.5","product_id":"openSUSE Leap 15.5","product_identification_helper":{"cpe":"cpe:/o:opensuse:leap:15.5"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"kernel-rt-5.14.21-150500.13.21.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5","product_id":"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64"},"product_reference":"kernel-rt-5.14.21-150500.13.21.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Micro 5.5"},{"category":"default_component_of","full_product_name":{"name":"kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP5","product_id":"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64"},"product_reference":"kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Live Patching 15 SP5"},{"category":"default_component_of","full_product_name":{"name":"cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64 as component of SUSE Real Time Module 15 SP5","product_id":"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64"},"product_reference":"cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","relates_to_product_reference":"SUSE Real Time Module 15 SP5"},{"category":"default_component_of","full_product_name":{"name":"dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64 as component of SUSE Real Time Module 15 SP5","product_id":"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64"},"product_reference":"dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","relates_to_product_reference":"SUSE Real Time Module 15 SP5"},{"category":"default_component_of","full_product_name":{"name":"gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64 as component of SUSE Real Time Module 15 SP5","product_id":"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64"},"product_reference":"gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","relates_to_product_reference":"SUSE Real Time Module 15 SP5"},{"category":"default_component_of","full_product_name":{"name":"kernel-devel-rt-5.14.21-150500.13.21.1.noarch as component of SUSE Real Time Module 15 SP5","product_id":"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch"},"product_reference":"kernel-devel-rt-5.14.21-150500.13.21.1.noarch","relates_to_product_reference":"SUSE Real Time Module 15 SP5"},{"category":"default_component_of","full_product_name":{"name":"kernel-rt-5.14.21-150500.13.21.1.x86_64 as component of SUSE Real Time Module 15 SP5","product_id":"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64"},"product_reference":"kernel-rt-5.14.21-150500.13.21.1.x86_64","relates_to_product_reference":"SUSE Real Time Module 15 SP5"},{"category":"default_component_of","full_product_name":{"name":"kernel-rt-devel-5.14.21-150500.13.21.1.x86_64 as component of SUSE Real Time Module 15 SP5","product_id":"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64"},"product_reference":"kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","relates_to_product_reference":"SUSE Real Time Module 15 SP5"},{"category":"default_component_of","full_product_name":{"name":"kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64 as component of SUSE Real Time Module 15 SP5","product_id":"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64"},"product_reference":"kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","relates_to_product_reference":"SUSE Real Time Module 15 SP5"},{"category":"default_component_of","full_product_name":{"name":"kernel-rt_debug-5.14.21-150500.13.21.1.x86_64 as component of SUSE Real Time Module 15 SP5","product_id":"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64"},"product_reference":"kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","relates_to_product_reference":"SUSE Real Time Module 15 SP5"},{"category":"default_component_of","full_product_name":{"name":"kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64 as component of SUSE Real Time Module 15 SP5","product_id":"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64"},"product_reference":"kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","relates_to_product_reference":"SUSE Real Time Module 15 SP5"},{"category":"default_component_of","full_product_name":{"name":"kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64 as component of SUSE Real Time Module 15 SP5","product_id":"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64"},"product_reference":"kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","relates_to_product_reference":"SUSE Real Time Module 15 SP5"},{"category":"default_component_of","full_product_name":{"name":"kernel-source-rt-5.14.21-150500.13.21.1.noarch as component of SUSE Real Time Module 15 SP5","product_id":"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch"},"product_reference":"kernel-source-rt-5.14.21-150500.13.21.1.noarch","relates_to_product_reference":"SUSE Real Time Module 15 SP5"},{"category":"default_component_of","full_product_name":{"name":"kernel-syms-rt-5.14.21-150500.13.21.1.x86_64 as component of SUSE Real Time Module 15 SP5","product_id":"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64"},"product_reference":"kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","relates_to_product_reference":"SUSE Real Time Module 15 SP5"},{"category":"default_component_of","full_product_name":{"name":"ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64 as component of SUSE Real Time Module 15 SP5","product_id":"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64"},"product_reference":"ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","relates_to_product_reference":"SUSE Real Time Module 15 SP5"},{"category":"default_component_of","full_product_name":{"name":"cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64 as component of openSUSE Leap 15.5","product_id":"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64"},"product_reference":"cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.5"},{"category":"default_component_of","full_product_name":{"name":"dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64 as component of openSUSE Leap 15.5","product_id":"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64"},"product_reference":"dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.5"},{"category":"default_component_of","full_product_name":{"name":"gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64 as component of openSUSE Leap 15.5","product_id":"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64"},"product_reference":"gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.5"},{"category":"default_component_of","full_product_name":{"name":"kernel-devel-rt-5.14.21-150500.13.21.1.noarch as component of openSUSE Leap 15.5","product_id":"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch"},"product_reference":"kernel-devel-rt-5.14.21-150500.13.21.1.noarch","relates_to_product_reference":"openSUSE Leap 15.5"},{"category":"default_component_of","full_product_name":{"name":"kernel-rt-5.14.21-150500.13.21.1.x86_64 as component of openSUSE Leap 15.5","product_id":"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64"},"product_reference":"kernel-rt-5.14.21-150500.13.21.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.5"},{"category":"default_component_of","full_product_name":{"name":"kernel-rt-devel-5.14.21-150500.13.21.1.x86_64 as component of openSUSE Leap 15.5","product_id":"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64"},"product_reference":"kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.5"},{"category":"default_component_of","full_product_name":{"name":"kernel-rt-extra-5.14.21-150500.13.21.1.x86_64 as component of openSUSE Leap 15.5","product_id":"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64"},"product_reference":"kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.5"},{"category":"default_component_of","full_product_name":{"name":"kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64 as component of openSUSE Leap 15.5","product_id":"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64"},"product_reference":"kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.5"},{"category":"default_component_of","full_product_name":{"name":"kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64 as component of openSUSE Leap 15.5","product_id":"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64"},"product_reference":"kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.5"},{"category":"default_component_of","full_product_name":{"name":"kernel-rt-optional-5.14.21-150500.13.21.1.x86_64 as component of openSUSE Leap 15.5","product_id":"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64"},"product_reference":"kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.5"},{"category":"default_component_of","full_product_name":{"name":"kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64 as component of openSUSE Leap 15.5","product_id":"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64"},"product_reference":"kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.5"},{"category":"default_component_of","full_product_name":{"name":"kernel-rt_debug-5.14.21-150500.13.21.1.x86_64 as component of openSUSE Leap 15.5","product_id":"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64"},"product_reference":"kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.5"},{"category":"default_component_of","full_product_name":{"name":"kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64 as component of openSUSE Leap 15.5","product_id":"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64"},"product_reference":"kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.5"},{"category":"default_component_of","full_product_name":{"name":"kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64 as component of openSUSE Leap 15.5","product_id":"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64"},"product_reference":"kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.5"},{"category":"default_component_of","full_product_name":{"name":"kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64 as component of openSUSE Leap 15.5","product_id":"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64"},"product_reference":"kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.5"},{"category":"default_component_of","full_product_name":{"name":"kernel-source-rt-5.14.21-150500.13.21.1.noarch as component of openSUSE Leap 15.5","product_id":"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch"},"product_reference":"kernel-source-rt-5.14.21-150500.13.21.1.noarch","relates_to_product_reference":"openSUSE Leap 15.5"},{"category":"default_component_of","full_product_name":{"name":"kernel-syms-rt-5.14.21-150500.13.21.1.x86_64 as component of openSUSE Leap 15.5","product_id":"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64"},"product_reference":"kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.5"},{"category":"default_component_of","full_product_name":{"name":"kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64 as component of openSUSE Leap 15.5","product_id":"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64"},"product_reference":"kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.5"},{"category":"default_component_of","full_product_name":{"name":"ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64 as component of openSUSE Leap 15.5","product_id":"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64"},"product_reference":"ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.5"},{"category":"default_component_of","full_product_name":{"name":"reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64 as component of openSUSE Leap 15.5","product_id":"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"},"product_reference":"reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.5"}]},"vulnerabilities":[{"cve":"CVE-2023-1206","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-1206"}],"notes":[{"category":"general","text":"A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel's IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-1206","url":"https://www.suse.com/security/cve/CVE-2023-1206"},{"category":"external","summary":"SUSE Bug 1212703 for CVE-2023-1206","url":"https://bugzilla.suse.com/1212703"},{"category":"external","summary":"SUSE Bug 1220015 for CVE-2023-1206","url":"https://bugzilla.suse.com/1220015"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.9,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-10-10T14:42:43Z","details":"moderate"}],"title":"CVE-2023-1206"},{"cve":"CVE-2023-39192","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-39192"}],"notes":[{"category":"general","text":"A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a crash or information disclosure.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-39192","url":"https://www.suse.com/security/cve/CVE-2023-39192"},{"category":"external","summary":"SUSE Bug 1215858 for CVE-2023-39192","url":"https://bugzilla.suse.com/1215858"},{"category":"external","summary":"SUSE Bug 1220015 for CVE-2023-39192","url":"https://bugzilla.suse.com/1220015"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-10-10T14:42:43Z","details":"moderate"}],"title":"CVE-2023-39192"},{"cve":"CVE-2023-39193","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-39193"}],"notes":[{"category":"general","text":"A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-39193","url":"https://www.suse.com/security/cve/CVE-2023-39193"},{"category":"external","summary":"SUSE Bug 1215860 for CVE-2023-39193","url":"https://bugzilla.suse.com/1215860"},{"category":"external","summary":"SUSE Bug 1220015 for CVE-2023-39193","url":"https://bugzilla.suse.com/1220015"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.1,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L","version":"3.1"},"products":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-10-10T14:42:43Z","details":"moderate"}],"title":"CVE-2023-39193"},{"cve":"CVE-2023-39194","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-39194"}],"notes":[{"category":"general","text":"A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, potentially leading to an information disclosure.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-39194","url":"https://www.suse.com/security/cve/CVE-2023-39194"},{"category":"external","summary":"SUSE Bug 1215861 for CVE-2023-39194","url":"https://bugzilla.suse.com/1215861"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":3.2,"baseSeverity":"LOW","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N","version":"3.1"},"products":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-10-10T14:42:43Z","details":"moderate"}],"title":"CVE-2023-39194"},{"cve":"CVE-2023-4155","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-4155"}],"notes":[{"category":"general","text":"A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the `VMGEXIT` handler recursively. If an attacker manages to call the handler multiple times, they can trigger a stack overflow and cause a denial of service or potentially guest-to-host escape in kernel configurations without stack guard pages (`CONFIG_VMAP_STACK`).","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-4155","url":"https://www.suse.com/security/cve/CVE-2023-4155"},{"category":"external","summary":"SUSE Bug 1214022 for CVE-2023-4155","url":"https://bugzilla.suse.com/1214022"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-10-10T14:42:43Z","details":"moderate"}],"title":"CVE-2023-4155"},{"cve":"CVE-2023-42753","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-42753"}],"notes":[{"category":"general","text":"An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-42753","url":"https://www.suse.com/security/cve/CVE-2023-42753"},{"category":"external","summary":"SUSE Bug 1215150 for CVE-2023-42753","url":"https://bugzilla.suse.com/1215150"},{"category":"external","summary":"SUSE Bug 1218613 for CVE-2023-42753","url":"https://bugzilla.suse.com/1218613"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-10-10T14:42:43Z","details":"important"}],"title":"CVE-2023-42753"},{"cve":"CVE-2023-42754","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-42754"}],"notes":[{"category":"general","text":"A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-42754","url":"https://www.suse.com/security/cve/CVE-2023-42754"},{"category":"external","summary":"SUSE Bug 1215467 for CVE-2023-42754","url":"https://bugzilla.suse.com/1215467"},{"category":"external","summary":"SUSE Bug 1222212 for CVE-2023-42754","url":"https://bugzilla.suse.com/1222212"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-10-10T14:42:43Z","details":"moderate"}],"title":"CVE-2023-42754"},{"cve":"CVE-2023-4389","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-4389"}],"notes":[{"category":"general","text":"A flaw was found in btrfs_get_root_ref in fs/btrfs/disk-io.c in the btrfs filesystem in the Linux Kernel due to a double decrement of the reference count. This issue may allow a local attacker with user privilege to crash the system or may lead to leaked internal kernel information.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-4389","url":"https://www.suse.com/security/cve/CVE-2023-4389"},{"category":"external","summary":"SUSE Bug 1214351 for CVE-2023-4389","url":"https://bugzilla.suse.com/1214351"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.8,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-10-10T14:42:43Z","details":"moderate"}],"title":"CVE-2023-4389"},{"cve":"CVE-2023-4622","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-4622"}],"notes":[{"category":"general","text":"A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation.\n\nThe unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free.\n\nWe recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-4622","url":"https://www.suse.com/security/cve/CVE-2023-4622"},{"category":"external","summary":"SUSE Bug 1215117 for CVE-2023-4622","url":"https://bugzilla.suse.com/1215117"},{"category":"external","summary":"SUSE Bug 1215442 for CVE-2023-4622","url":"https://bugzilla.suse.com/1215442"},{"category":"external","summary":"SUSE Bug 1217531 for CVE-2023-4622","url":"https://bugzilla.suse.com/1217531"},{"category":"external","summary":"SUSE Bug 1219699 for CVE-2023-4622","url":"https://bugzilla.suse.com/1219699"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-10-10T14:42:43Z","details":"important"}],"title":"CVE-2023-4622"},{"cve":"CVE-2023-4623","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-4623"}],"notes":[{"category":"general","text":"A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation.\n\nIf a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free.\n\nWe recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-4623","url":"https://www.suse.com/security/cve/CVE-2023-4623"},{"category":"external","summary":"SUSE Bug 1215115 for CVE-2023-4623","url":"https://bugzilla.suse.com/1215115"},{"category":"external","summary":"SUSE Bug 1215440 for CVE-2023-4623","url":"https://bugzilla.suse.com/1215440"},{"category":"external","summary":"SUSE Bug 1217444 for CVE-2023-4623","url":"https://bugzilla.suse.com/1217444"},{"category":"external","summary":"SUSE Bug 1217531 for CVE-2023-4623","url":"https://bugzilla.suse.com/1217531"},{"category":"external","summary":"SUSE Bug 1219698 for CVE-2023-4623","url":"https://bugzilla.suse.com/1219698"},{"category":"external","summary":"SUSE Bug 1221578 for CVE-2023-4623","url":"https://bugzilla.suse.com/1221578"},{"category":"external","summary":"SUSE Bug 1221598 for CVE-2023-4623","url":"https://bugzilla.suse.com/1221598"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-10-10T14:42:43Z","details":"important"}],"title":"CVE-2023-4623"},{"cve":"CVE-2023-4921","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-4921"}],"notes":[{"category":"general","text":"A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\n\nWhen the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrect .peek handler of sch_plug and lack of error checking in agg_dequeue().\n\nWe recommend upgrading past commit 8fc134fee27f2263988ae38920bc03da416b03d8.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-4921","url":"https://www.suse.com/security/cve/CVE-2023-4921"},{"category":"external","summary":"SUSE Bug 1215275 for CVE-2023-4921","url":"https://bugzilla.suse.com/1215275"},{"category":"external","summary":"SUSE Bug 1215300 for CVE-2023-4921","url":"https://bugzilla.suse.com/1215300"},{"category":"external","summary":"SUSE Bug 1217444 for CVE-2023-4921","url":"https://bugzilla.suse.com/1217444"},{"category":"external","summary":"SUSE Bug 1217531 for CVE-2023-4921","url":"https://bugzilla.suse.com/1217531"},{"category":"external","summary":"SUSE Bug 1220906 for CVE-2023-4921","url":"https://bugzilla.suse.com/1220906"},{"category":"external","summary":"SUSE Bug 1223091 for CVE-2023-4921","url":"https://bugzilla.suse.com/1223091"},{"category":"external","summary":"SUSE Bug 1224418 for CVE-2023-4921","url":"https://bugzilla.suse.com/1224418"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-10-10T14:42:43Z","details":"important"}],"title":"CVE-2023-4921"},{"cve":"CVE-2023-5345","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-5345"}],"notes":[{"category":"general","text":"A use-after-free vulnerability in the Linux kernel's fs/smb/client component can be exploited to achieve local privilege escalation.\n\nIn case of an error in smb3_fs_context_parse_param, ctx->password was freed but the field was not set to NULL which could lead to double free.\n\nWe recommend upgrading past commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-5345","url":"https://www.suse.com/security/cve/CVE-2023-5345"},{"category":"external","summary":"SUSE Bug 1215899 for CVE-2023-5345","url":"https://bugzilla.suse.com/1215899"},{"category":"external","summary":"SUSE Bug 1215971 for CVE-2023-5345","url":"https://bugzilla.suse.com/1215971"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_21-rt-1-150500.11.3.1.x86_64","SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.21.1.noarch","openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.21.1.x86_64","openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.21.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-10-10T14:42:43Z","details":"important"}],"title":"CVE-2023-5345"}]}