The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0485-1 advisory.
An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file ‘/dev/dri/renderD128 (or Dxxx)’. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS). (CVE-2022-36280)
In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with tc qdisc and tc class commands. This affects qdisc_graft in net/sched/sch_api.c. (CVE-2022-47929)
The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ib_prctl_set function updates the Thread Information Flags (TIFs) for the task and updates the SPEC_CTRL MSR on the function __speculation_ctrl_update, but the IBPB is only issued on the next schedule, when the TIF bits are checked. This leaves the victim vulnerable to values already injected on the BTB, prior to the prctl syscall. The patch that added the support for the conditional mitigation via prctl (ib_prctl_set) dates back to the kernel 4.9.176. We recommend upgrading past commit a664ec9158eeddd75121d39c9a0758016097fa96 (CVE-2023-0045)
A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel.
SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit 56b88b50565cd8b946a2d00b0c83927b7ebb055e (CVE-2023-0266)
A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (net: sched: fix race condition in qdisc_graft()) not applied yet, then kernel could be affected. (CVE-2023-0590)
cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). (CVE-2023-23454)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# SUSE update advisory SUSE-SU-2023:0485-1. The text itself
# is copyright (C) SUSE.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(171889);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/07/14");
script_cve_id(
"CVE-2022-36280",
"CVE-2022-47929",
"CVE-2023-0045",
"CVE-2023-0266",
"CVE-2023-0590",
"CVE-2023-23454"
);
script_xref(name:"SuSE", value:"SUSE-SU-2023:0485-1");
script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2023/04/20");
script_name(english:"SUSE SLES12 Security Update : kernel (SUSE-SU-2023:0485-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in
the SUSE-SU-2023:0485-1 advisory.
- An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in
drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128
(or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing
a denial of service(DoS). (CVE-2022-36280)
- In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows
an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control
configuration that is set up with tc qdisc and tc class commands. This affects qdisc_graft in
net/sched/sch_api.c. (CVE-2022-47929)
- The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The
ib_prctl_set function updates the Thread Information Flags (TIFs) for the task and updates the SPEC_CTRL
MSR on the function __speculation_ctrl_update, but the IBPB is only issued on the next schedule, when the
TIF bits are checked. This leaves the victim vulnerable to values already injected on the BTB, prior to
the prctl syscall. The patch that added the support for the conditional mitigation via prctl
(ib_prctl_set) dates back to the kernel 4.9.176. We recommend upgrading past commit
a664ec9158eeddd75121d39c9a0758016097fa96 (CVE-2023-0045)
- A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel.
SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result
in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit
56b88b50565cd8b946a2d00b0c83927b7ebb055e (CVE-2023-0266)
- A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race
problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (net: sched: fix race
condition in qdisc_graft()) not applied yet, then kernel could be affected. (CVE-2023-0590)
- cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial
of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes
indicate a TC_ACT_SHOT condition rather than valid classification results). (CVE-2023-23454)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1175995");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186449");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1198971");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1202712");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1202713");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1203332");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1203693");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1204356");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1204514");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1204662");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1205149");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1205397");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1205495");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206602");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206635");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206640");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206641");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206642");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206643");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206645");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206646");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206648");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206649");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206677");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206698");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206784");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206855");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206858");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206873");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206876");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206877");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206878");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206880");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206882");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206883");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206884");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206885");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206887");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206888");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206890");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207036");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207092");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207093");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207094");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207097");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207102");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207103");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207104");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207107");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207108");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207134");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207168");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207186");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207195");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207237");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207773");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207795");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207875");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208108");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-36280");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-47929");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-0045");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-0266");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-0590");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-23454");
# https://lists.suse.com/pipermail/sle-security-updates/2023-February/013878.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?4de08190");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-0045");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2023-0266");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/09/09");
script_set_attribute(attribute:"patch_publication_date", value:"2023/02/23");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/02/24");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:dlm-kmp-rt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:gfs2-kmp-rt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-devel-rt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-rt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-rt-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-rt-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-rt_debug");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-rt_debug-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-source-rt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-syms-rt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item("Host/SuSE/release");
if (isnull(os_release) || os_release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
var os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12', 'SUSE (' + os_ver + ')');
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);
var service_pack = get_kb_item("Host/SuSE/patchlevel");
if (isnull(service_pack)) service_pack = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES12 SP5", os_ver + " SP" + service_pack);
var pkgs = [
{'reference':'cluster-md-kmp-rt-4.12.14-10.115.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Linux-Enterprise-RT-release-12.5']},
{'reference':'dlm-kmp-rt-4.12.14-10.115.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Linux-Enterprise-RT-release-12.5']},
{'reference':'gfs2-kmp-rt-4.12.14-10.115.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Linux-Enterprise-RT-release-12.5']},
{'reference':'kernel-devel-rt-4.12.14-10.115.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Linux-Enterprise-RT-release-12.5']},
{'reference':'kernel-rt-4.12.14-10.115.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Linux-Enterprise-RT-release-12.5']},
{'reference':'kernel-rt-base-4.12.14-10.115.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Linux-Enterprise-RT-release-12.5']},
{'reference':'kernel-rt-devel-4.12.14-10.115.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Linux-Enterprise-RT-release-12.5']},
{'reference':'kernel-rt_debug-4.12.14-10.115.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Linux-Enterprise-RT-release-12.5']},
{'reference':'kernel-rt_debug-devel-4.12.14-10.115.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Linux-Enterprise-RT-release-12.5']},
{'reference':'kernel-source-rt-4.12.14-10.115.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Linux-Enterprise-RT-release-12.5']},
{'reference':'kernel-syms-rt-4.12.14-10.115.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Linux-Enterprise-RT-release-12.5']},
{'reference':'ocfs2-kmp-rt-4.12.14-10.115.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Linux-Enterprise-RT-release-12.5']}
];
var ltss_caveat_required = FALSE;
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var exists_check = NULL;
var rpm_spec_vers_cmp = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (reference && _release) {
if (exists_check) {
var check_flag = 0;
foreach var check (exists_check) {
if (!rpm_exists(release:_release, rpm:check)) continue;
check_flag++;
}
if (!check_flag) continue;
}
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'cluster-md-kmp-rt / dlm-kmp-rt / gfs2-kmp-rt / kernel-devel-rt / etc');
}
Vendor | Product | Version | CPE |
---|---|---|---|
novell | suse_linux | cluster-md-kmp-rt | p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt |
novell | suse_linux | dlm-kmp-rt | p-cpe:/a:novell:suse_linux:dlm-kmp-rt |
novell | suse_linux | gfs2-kmp-rt | p-cpe:/a:novell:suse_linux:gfs2-kmp-rt |
novell | suse_linux | kernel-devel-rt | p-cpe:/a:novell:suse_linux:kernel-devel-rt |
novell | suse_linux | kernel-rt | p-cpe:/a:novell:suse_linux:kernel-rt |
novell | suse_linux | kernel-rt-base | p-cpe:/a:novell:suse_linux:kernel-rt-base |
novell | suse_linux | kernel-rt-devel | p-cpe:/a:novell:suse_linux:kernel-rt-devel |
novell | suse_linux | kernel-rt_debug | p-cpe:/a:novell:suse_linux:kernel-rt_debug |
novell | suse_linux | kernel-rt_debug-devel | p-cpe:/a:novell:suse_linux:kernel-rt_debug-devel |
novell | suse_linux | kernel-source-rt | p-cpe:/a:novell:suse_linux:kernel-source-rt |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36280
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47929
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0045
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0266
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0590
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23454
www.nessus.org/u?4de08190
bugzilla.suse.com/1175995
bugzilla.suse.com/1186449
bugzilla.suse.com/1198971
bugzilla.suse.com/1202712
bugzilla.suse.com/1202713
bugzilla.suse.com/1203332
bugzilla.suse.com/1203693
bugzilla.suse.com/1204356
bugzilla.suse.com/1204514
bugzilla.suse.com/1204662
bugzilla.suse.com/1205149
bugzilla.suse.com/1205397
bugzilla.suse.com/1205495
bugzilla.suse.com/1206602
bugzilla.suse.com/1206635
bugzilla.suse.com/1206640
bugzilla.suse.com/1206641
bugzilla.suse.com/1206642
bugzilla.suse.com/1206643
bugzilla.suse.com/1206645
bugzilla.suse.com/1206646
bugzilla.suse.com/1206648
bugzilla.suse.com/1206649
bugzilla.suse.com/1206677
bugzilla.suse.com/1206698
bugzilla.suse.com/1206784
bugzilla.suse.com/1206855
bugzilla.suse.com/1206858
bugzilla.suse.com/1206873
bugzilla.suse.com/1206876
bugzilla.suse.com/1206877
bugzilla.suse.com/1206878
bugzilla.suse.com/1206880
bugzilla.suse.com/1206882
bugzilla.suse.com/1206883
bugzilla.suse.com/1206884
bugzilla.suse.com/1206885
bugzilla.suse.com/1206887
bugzilla.suse.com/1206888
bugzilla.suse.com/1206890
bugzilla.suse.com/1207036
bugzilla.suse.com/1207092
bugzilla.suse.com/1207093
bugzilla.suse.com/1207094
bugzilla.suse.com/1207097
bugzilla.suse.com/1207102
bugzilla.suse.com/1207103
bugzilla.suse.com/1207104
bugzilla.suse.com/1207107
bugzilla.suse.com/1207108
bugzilla.suse.com/1207134
bugzilla.suse.com/1207168
bugzilla.suse.com/1207186
bugzilla.suse.com/1207195
bugzilla.suse.com/1207237
bugzilla.suse.com/1207773
bugzilla.suse.com/1207795
bugzilla.suse.com/1207875
bugzilla.suse.com/1208108
www.suse.com/security/cve/CVE-2022-36280
www.suse.com/security/cve/CVE-2022-47929
www.suse.com/security/cve/CVE-2023-0045
www.suse.com/security/cve/CVE-2023-0266
www.suse.com/security/cve/CVE-2023-0590
www.suse.com/security/cve/CVE-2023-23454