The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0618-1 advisory.
An issue was discovered in the Linux kernel through 5.16-rc6. netvsc_get_ethtool_stats in drivers/net/hyperv/netvsc_drv.c lacks check of the return value of kvmalloc_array() and will cause the null pointer dereference. (CVE-2022-3107)
An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdup(). (CVE-2022-3108)
A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087. (CVE-2022-3564)
An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file ‘/dev/dri/renderD128 (or Dxxx)’. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS). (CVE-2022-36280)
A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system. (CVE-2022-4662)
In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with tc qdisc and tc class commands. This affects qdisc_graft in net/sched/sch_api.c. (CVE-2022-47929)
The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ib_prctl_set function updates the Thread Information Flags (TIFs) for the task and updates the SPEC_CTRL MSR on the function __speculation_ctrl_update, but the IBPB is only issued on the next schedule, when the TIF bits are checked. This leaves the victim vulnerable to values already injected on the BTB, prior to the prctl syscall. The patch that added the support for the conditional mitigation via prctl (ib_prctl_set) dates back to the kernel 4.9.176. We recommend upgrading past commit a664ec9158eeddd75121d39c9a0758016097fa96 (CVE-2023-0045)
A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel.
SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit 56b88b50565cd8b946a2d00b0c83927b7ebb055e (CVE-2023-0266)
A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash. (CVE-2023-0394)
A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (net: sched: fix race condition in qdisc_graft()) not applied yet, then kernel could be affected. (CVE-2023-0590)
cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). (CVE-2023-23454)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# SUSE update advisory SUSE-SU-2023:0618-1. The text itself
# is copyright (C) SUSE.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(172175);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/07/14");
script_cve_id(
"CVE-2022-3107",
"CVE-2022-3108",
"CVE-2022-3564",
"CVE-2022-4662",
"CVE-2022-36280",
"CVE-2022-47929",
"CVE-2023-0045",
"CVE-2023-0266",
"CVE-2023-0394",
"CVE-2023-0590",
"CVE-2023-23454"
);
script_xref(name:"SuSE", value:"SUSE-SU-2023:0618-1");
script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2023/04/20");
script_name(english:"SUSE SLES12 Security Update : kernel (SUSE-SU-2023:0618-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as
referenced in the SUSE-SU-2023:0618-1 advisory.
- An issue was discovered in the Linux kernel through 5.16-rc6. netvsc_get_ethtool_stats in
drivers/net/hyperv/netvsc_drv.c lacks check of the return value of kvmalloc_array() and will cause the
null pointer dereference. (CVE-2022-3107)
- An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in
drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdup(). (CVE-2022-3108)
- A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the
function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The
manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated
identifier of this vulnerability is VDB-211087. (CVE-2022-3564)
- An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in
drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128
(or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing
a denial of service(DoS). (CVE-2022-36280)
- A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches
usb device. A local user could use this flaw to crash the system. (CVE-2022-4662)
- In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows
an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control
configuration that is set up with tc qdisc and tc class commands. This affects qdisc_graft in
net/sched/sch_api.c. (CVE-2022-47929)
- The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The
ib_prctl_set function updates the Thread Information Flags (TIFs) for the task and updates the SPEC_CTRL
MSR on the function __speculation_ctrl_update, but the IBPB is only issued on the next schedule, when the
TIF bits are checked. This leaves the victim vulnerable to values already injected on the BTB, prior to
the prctl syscall. The patch that added the support for the conditional mitigation via prctl
(ib_prctl_set) dates back to the kernel 4.9.176. We recommend upgrading past commit
a664ec9158eeddd75121d39c9a0758016097fa96 (CVE-2023-0045)
- A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel.
SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result
in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit
56b88b50565cd8b946a2d00b0c83927b7ebb055e (CVE-2023-0266)
- A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network
subcomponent in the Linux kernel. This flaw causes the system to crash. (CVE-2023-0394)
- A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race
problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (net: sched: fix race
condition in qdisc_graft()) not applied yet, then kernel could be affected. (CVE-2023-0590)
- cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial
of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes
indicate a TC_ACT_SHOT condition rather than valid classification results). (CVE-2023-23454)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1065729");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1175995");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1198971");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1202712");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1203200");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1203740");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1204250");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1204514");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1205149");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1205397");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1205495");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206073");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206640");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206648");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206784");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206855");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206858");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206873");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206877");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206878");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206880");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206882");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206883");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206884");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206887");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206896");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207092");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207093");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207094");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207097");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207102");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207168");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207186");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207195");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207201");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207237");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208108");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208541");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208570");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-3107");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-3108");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-3564");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-36280");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-4662");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-47929");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-0045");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-0266");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-0394");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-0590");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-23454");
# https://lists.suse.com/pipermail/sle-security-updates/2023-March/013976.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?44096dd9");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-0045");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2023-0266");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/09/09");
script_set_attribute(attribute:"patch_publication_date", value:"2023/07/06");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/03/07");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-devel-azure");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-source-azure");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-syms-azure");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item("Host/SuSE/release");
if (isnull(os_release) || os_release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
var os_ver = pregmatch(pattern: "^(SLE(S|D)(?:_SAP)?\d+)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES12|SLES_SAP12)$", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12 / SLES_SAP12', 'SUSE (' + os_ver + ')');
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);
var service_pack = get_kb_item("Host/SuSE/patchlevel");
if (isnull(service_pack)) service_pack = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES12 SP5", os_ver + " SP" + service_pack);
if (os_ver == "SLES_SAP12" && (! preg(pattern:"^(5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES_SAP12 SP5", os_ver + " SP" + service_pack);
var pkgs = [
{'reference':'kernel-azure-4.12.14-16.124.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
{'reference':'kernel-azure-base-4.12.14-16.124.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
{'reference':'kernel-azure-devel-4.12.14-16.124.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
{'reference':'kernel-devel-azure-4.12.14-16.124.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
{'reference':'kernel-source-azure-4.12.14-16.124.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
{'reference':'kernel-syms-azure-4.12.14-16.124.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
{'reference':'kernel-azure-4.12.14-16.124.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},
{'reference':'kernel-azure-base-4.12.14-16.124.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},
{'reference':'kernel-azure-devel-4.12.14-16.124.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},
{'reference':'kernel-devel-azure-4.12.14-16.124.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},
{'reference':'kernel-source-azure-4.12.14-16.124.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},
{'reference':'kernel-syms-azure-4.12.14-16.124.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']}
];
var ltss_caveat_required = FALSE;
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var exists_check = NULL;
var rpm_spec_vers_cmp = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (reference && _release) {
if (exists_check) {
var check_flag = 0;
foreach var check (exists_check) {
if (!rpm_exists(release:_release, rpm:check)) continue;
check_flag++;
}
if (!check_flag) continue;
}
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-azure / kernel-azure-base / kernel-azure-devel / etc');
}
Vendor | Product | Version | CPE |
---|---|---|---|
novell | suse_linux | kernel-azure | p-cpe:/a:novell:suse_linux:kernel-azure |
novell | suse_linux | kernel-azure-base | p-cpe:/a:novell:suse_linux:kernel-azure-base |
novell | suse_linux | kernel-azure-devel | p-cpe:/a:novell:suse_linux:kernel-azure-devel |
novell | suse_linux | kernel-devel-azure | p-cpe:/a:novell:suse_linux:kernel-devel-azure |
novell | suse_linux | kernel-source-azure | p-cpe:/a:novell:suse_linux:kernel-source-azure |
novell | suse_linux | kernel-syms-azure | p-cpe:/a:novell:suse_linux:kernel-syms-azure |
novell | suse_linux | 12 | cpe:/o:novell:suse_linux:12 |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3107
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3108
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3564
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36280
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4662
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47929
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0045
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0266
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0394
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0590
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23454
www.nessus.org/u?44096dd9
bugzilla.suse.com/1065729
bugzilla.suse.com/1175995
bugzilla.suse.com/1198971
bugzilla.suse.com/1202712
bugzilla.suse.com/1203200
bugzilla.suse.com/1203740
bugzilla.suse.com/1204250
bugzilla.suse.com/1204514
bugzilla.suse.com/1205149
bugzilla.suse.com/1205397
bugzilla.suse.com/1205495
bugzilla.suse.com/1206073
bugzilla.suse.com/1206640
bugzilla.suse.com/1206648
bugzilla.suse.com/1206784
bugzilla.suse.com/1206855
bugzilla.suse.com/1206858
bugzilla.suse.com/1206873
bugzilla.suse.com/1206877
bugzilla.suse.com/1206878
bugzilla.suse.com/1206880
bugzilla.suse.com/1206882
bugzilla.suse.com/1206883
bugzilla.suse.com/1206884
bugzilla.suse.com/1206887
bugzilla.suse.com/1206896
bugzilla.suse.com/1207092
bugzilla.suse.com/1207093
bugzilla.suse.com/1207094
bugzilla.suse.com/1207097
bugzilla.suse.com/1207102
bugzilla.suse.com/1207168
bugzilla.suse.com/1207186
bugzilla.suse.com/1207195
bugzilla.suse.com/1207201
bugzilla.suse.com/1207237
bugzilla.suse.com/1208108
bugzilla.suse.com/1208541
bugzilla.suse.com/1208570
www.suse.com/security/cve/CVE-2022-3107
www.suse.com/security/cve/CVE-2022-3108
www.suse.com/security/cve/CVE-2022-3564
www.suse.com/security/cve/CVE-2022-36280
www.suse.com/security/cve/CVE-2022-4662
www.suse.com/security/cve/CVE-2022-47929
www.suse.com/security/cve/CVE-2023-0045
www.suse.com/security/cve/CVE-2023-0266
www.suse.com/security/cve/CVE-2023-0394
www.suse.com/security/cve/CVE-2023-0590
www.suse.com/security/cve/CVE-2023-23454