Security update for the Linux Kernel

Announcement ID:	SUSE-SU-2024:0110-1
Rating:	important
References:	bsc#1179610 bsc#1211226 bsc#1215237 bsc#1215375 bsc#1217250 bsc#1217709 bsc#1217946 bsc#1217947 bsc#1218105 bsc#1218184 bsc#1218253 bsc#1218258 bsc#1218559 jsc#PED-5021
Cross-References:	CVE-2020-26555 CVE-2023-51779 CVE-2023-6121 CVE-2023-6606 CVE-2023-6610 CVE-2023-6931 CVE-2023-6932
CVSS scores:	CVE-2020-26555 ( SUSE ): 5.4 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N CVE-2020-26555 ( NVD ): 5.4 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N CVE-2023-51779 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-6121 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2023-6121 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2023-6606 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H CVE-2023-6606 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2023-6610 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H CVE-2023-6610 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2023-6931 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-6931 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-6932 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-6932 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:	SUSE Linux Enterprise Micro 5.1 SUSE Linux Enterprise Micro 5.2 SUSE Linux Enterprise Micro for Rancher 5.2

An update that solves seven vulnerabilities, contains one feature and has six security fixes can now be installed.

Description:

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

• CVE-2020-26555: Fixed an issue during BR/EDR PIN code pairing in the Bluetooth subsystem that would allow replay attacks (bsc#1179610 bsc#1215237).
• CVE-2023-6121: Fixed an information leak via dmesg when receiving a crafted packet in the NVMe-oF/TCP subsystem (bsc#1217250).
• CVE-2023-6606: Fixed an out of bounds read in the SMB client when receiving a malformed length from a server (bsc#1217947).
• CVE-2023-6610: Fixed an out of bounds read in the SMB client when printing debug information (bsc#1217946).
• CVE-2023-6931: Fixed an out of bounds write in the Performance Events subsystem when adding a new event (bsc#1218258).
• CVE-2023-6932: Fixed a use-after-free issue when receiving an IGMP query packet due to reference count mismanagement (bsc#1218253).
• CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218559).

The following non-security bugs were fixed:

• Reviewed and added more information to README.SUSE (jsc#PED-5021).
• Enabled multibuild for kernel packages (JSC-SLE#5501, boo#1211226, bsc#1218184).
• clocksource: Avoid accidental unstable marking of clocksources (bsc#1218105).
• clocksource: Suspend the watchdog temporarily when high read latency detected (bsc#1218105).
• efi/mokvar: Reserve the table only if it is in boot services data (bsc#1215375).

Special Instructions and Notes:

• Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise Micro 5.1
  zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-110=1
• SUSE Linux Enterprise Micro 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-110=1
• SUSE Linux Enterprise Micro for Rancher 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-110=1

Package List:

• SUSE Linux Enterprise Micro 5.1 (nosrc x86_64)
  • kernel-rt-5.3.18-150300.155.1
• SUSE Linux Enterprise Micro 5.1 (x86_64)
  • kernel-rt-debugsource-5.3.18-150300.155.1
  • kernel-rt-debuginfo-5.3.18-150300.155.1
• SUSE Linux Enterprise Micro 5.2 (nosrc x86_64)
  • kernel-rt-5.3.18-150300.155.1
• SUSE Linux Enterprise Micro 5.2 (x86_64)
  • kernel-rt-debugsource-5.3.18-150300.155.1
  • kernel-rt-debuginfo-5.3.18-150300.155.1
• SUSE Linux Enterprise Micro for Rancher 5.2 (nosrc x86_64)
  • kernel-rt-5.3.18-150300.155.1
• SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64)
  • kernel-rt-debugsource-5.3.18-150300.155.1
  • kernel-rt-debuginfo-5.3.18-150300.155.1

References:

• https://www.suse.com/security/cve/CVE-2020-26555.html
• https://www.suse.com/security/cve/CVE-2023-51779.html
• https://www.suse.com/security/cve/CVE-2023-6121.html
• https://www.suse.com/security/cve/CVE-2023-6606.html
• https://www.suse.com/security/cve/CVE-2023-6610.html
• https://www.suse.com/security/cve/CVE-2023-6931.html
• https://www.suse.com/security/cve/CVE-2023-6932.html
• https://bugzilla.suse.com/show_bug.cgi?id=1179610
• https://bugzilla.suse.com/show_bug.cgi?id=1211226
• https://bugzilla.suse.com/show_bug.cgi?id=1215237
• https://bugzilla.suse.com/show_bug.cgi?id=1215375
• https://bugzilla.suse.com/show_bug.cgi?id=1217250
• https://bugzilla.suse.com/show_bug.cgi?id=1217709
• https://bugzilla.suse.com/show_bug.cgi?id=1217946
• https://bugzilla.suse.com/show_bug.cgi?id=1217947
• https://bugzilla.suse.com/show_bug.cgi?id=1218105
• https://bugzilla.suse.com/show_bug.cgi?id=1218184
• https://bugzilla.suse.com/show_bug.cgi?id=1218253
• https://bugzilla.suse.com/show_bug.cgi?id=1218258
• https://bugzilla.suse.com/show_bug.cgi?id=1218559
• https://jira.suse.com/browse/PED-5021