The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1710-1 advisory.
A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is an unknown function of the file mm/memory.c of the component Driver Handler. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.
The identifier of this vulnerability is VDB-211020. (CVE-2022-3523)
An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file ‘/dev/dri/renderD128 (or Dxxx)’. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS). (CVE-2022-36280)
A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file ‘/dev/dri/renderD128 (or Dxxx)’. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).
(CVE-2022-38096)
The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ib_prctl_set function updates the Thread Information Flags (TIFs) for the task and updates the SPEC_CTRL MSR on the function __speculation_ctrl_update, but the IBPB is only issued on the next schedule, when the TIF bits are checked. This leaves the victim vulnerable to values already injected on the BTB, prior to the prctl syscall. The patch that added the support for the conditional mitigation via prctl (ib_prctl_set) dates back to the kernel 4.9.176. We recommend upgrading past commit a664ec9158eeddd75121d39c9a0758016097fa96 (CVE-2023-0045)
There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any privilege. There is a use-after-free bug of icsk_ulp_data of a struct inet_connection_sock. When CONFIG_TLS is enabled, user can install a tls context (struct tls_context) on a connected tcp socket. The context is not cleared if this socket is disconnected and reused as a listener. If a new socket is created from the listener, the context is inherited and vulnerable. The setsockopt TCP_ULP operation does not require any privilege. We recommend upgrading past commit 2c02d41d71f90a5168391b6a5f2954112ba2307c (CVE-2023-0461)
A flaw possibility of memory leak in the Linux kernel cpu_entry_area mapping of X86 CPU data to memory was found in the way user can guess location of exception stack(s) or other important data. A local user could use this flaw to get access to some important data with expected location in memory. (CVE-2023-0597)
A flaw was found in the Linux Kernel. The tls_is_tx_ready() incorrectly checks for list emptiness, potentially accessing a type confused entry to the list_head, leaking the last byte of the confused field that overlaps with rec->tx_ready. (CVE-2023-1075)
A flaw was found in the Linux Kernel. The tun/tap sockets have their socket UID hardcoded to 0 due to a type confusion in their initialization function. While it will be often correct, as tuntap devices require CAP_NET_ADMIN, it may not always be the case, e.g., a non-root user only having that capability. This would make tun/tap sockets being incorrectly treated in filtering/routing decisions, possibly bypassing network filters. (CVE-2023-1076)
A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the head of a list causing a type confusion. Local user can trigger this with rds_message_put(). Type confusion leads to struct rds_msg_zcopy_info *info
actually points to something else that is potentially controlled by local user. It is known how to trigger this, which causes an out of bounds access, and a lock corruption. (CVE-2023-1078)
In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list
– the list head is all zeroes, this results in a NULL pointer dereference. (CVE-2023-1095)
A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. (CVE-2023-1118)
In the Linux kernel before 5.17, an error path in dwc3_qcom_acpi_register_core in drivers/usb/dwc3/dwc3-qcom.c lacks certain platform_device_put and kfree calls. (CVE-2023-22995)
In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpu_object.c misinterprets the drm_gem_shmem_get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer). (CVE-2023-22998)
In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegra_xusb_find_port_node return value. Callers expect NULL in the error case, but an error pointer is used. (CVE-2023-23000)
In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidp_planes.c misinterprets the get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer). (CVE-2023-23004)
In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition. (CVE-2023-23559)
The Linux kernel through 6.1.9 has a Use-After-Free in bigben_remove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain registered for too long. (CVE-2023-25012)
In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device. (CVE-2023-26545)
A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device.
This flaw allows a local user to crash the system or potentially cause a denial of service.
(CVE-2023-28328)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# SUSE update advisory SUSE-SU-2023:1710-1. The text itself
# is copyright (C) SUSE.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(173767);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/07/14");
script_cve_id(
"CVE-2022-3523",
"CVE-2022-36280",
"CVE-2022-38096",
"CVE-2023-0045",
"CVE-2023-0461",
"CVE-2023-0597",
"CVE-2023-1075",
"CVE-2023-1076",
"CVE-2023-1078",
"CVE-2023-1095",
"CVE-2023-1118",
"CVE-2023-22995",
"CVE-2023-22998",
"CVE-2023-23000",
"CVE-2023-23004",
"CVE-2023-23559",
"CVE-2023-25012",
"CVE-2023-26545",
"CVE-2023-28328"
);
script_xref(name:"SuSE", value:"SUSE-SU-2023:1710-1");
script_name(english:"SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:1710-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are
affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1710-1 advisory.
- A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is an unknown
function of the file mm/memory.c of the component Driver Handler. The manipulation leads to use after
free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.
The identifier of this vulnerability is VDB-211020. (CVE-2022-3523)
- An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in
drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128
(or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing
a denial of service(DoS). (CVE-2022-36280)
- A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c
in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a
local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).
(CVE-2022-38096)
- The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The
ib_prctl_set function updates the Thread Information Flags (TIFs) for the task and updates the SPEC_CTRL
MSR on the function __speculation_ctrl_update, but the IBPB is only issued on the next schedule, when the
TIF bits are checked. This leaves the victim vulnerable to values already injected on the BTB, prior to
the prctl syscall. The patch that added the support for the conditional mitigation via prctl
(ib_prctl_set) dates back to the kernel 4.9.176. We recommend upgrading past commit
a664ec9158eeddd75121d39c9a0758016097fa96 (CVE-2023-0045)
- There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local
privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or
CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any privilege. There is a
use-after-free bug of icsk_ulp_data of a struct inet_connection_sock. When CONFIG_TLS is enabled, user can
install a tls context (struct tls_context) on a connected tcp socket. The context is not cleared if this
socket is disconnected and reused as a listener. If a new socket is created from the listener, the context
is inherited and vulnerable. The setsockopt TCP_ULP operation does not require any privilege. We recommend
upgrading past commit 2c02d41d71f90a5168391b6a5f2954112ba2307c (CVE-2023-0461)
- A flaw possibility of memory leak in the Linux kernel cpu_entry_area mapping of X86 CPU data to memory was
found in the way user can guess location of exception stack(s) or other important data. A local user could
use this flaw to get access to some important data with expected location in memory. (CVE-2023-0597)
- A flaw was found in the Linux Kernel. The tls_is_tx_ready() incorrectly checks for list emptiness,
potentially accessing a type confused entry to the list_head, leaking the last byte of the confused field
that overlaps with rec->tx_ready. (CVE-2023-1075)
- A flaw was found in the Linux Kernel. The tun/tap sockets have their socket UID hardcoded to 0 due to a
type confusion in their initialization function. While it will be often correct, as tuntap devices require
CAP_NET_ADMIN, it may not always be the case, e.g., a non-root user only having that capability. This
would make tun/tap sockets being incorrectly treated in filtering/routing decisions, possibly bypassing
network filters. (CVE-2023-1076)
- A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The
rds_rm_zerocopy_callback() uses list_entry() on the head of a list causing a type confusion. Local user
can trigger this with rds_message_put(). Type confusion leads to `struct rds_msg_zcopy_info *info`
actually points to something else that is potentially controlled by local user. It is known how to trigger
this, which causes an out of bounds access, and a lock corruption. (CVE-2023-1078)
- In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the
transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list
-- the list head is all zeroes, this results in a NULL pointer dereference. (CVE-2023-1095)
- A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the
way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate
their privileges on the system. (CVE-2023-1118)
- In the Linux kernel before 5.17, an error path in dwc3_qcom_acpi_register_core in
drivers/usb/dwc3/dwc3-qcom.c lacks certain platform_device_put and kfree calls. (CVE-2023-22995)
- In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpu_object.c misinterprets the
drm_gem_shmem_get_sg_table return value (expects it to be NULL in the error case, whereas it is actually
an error pointer). (CVE-2023-22998)
- In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegra_xusb_find_port_node return
value. Callers expect NULL in the error case, but an error pointer is used. (CVE-2023-23000)
- In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidp_planes.c misinterprets the get_sg_table return
value (expects it to be NULL in the error case, whereas it is actually an error pointer). (CVE-2023-23004)
- In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an
integer overflow in an addition. (CVE-2023-23559)
- The Linux kernel through 6.1.9 has a Use-After-Free in bigben_remove in drivers/hid/hid-bigbenff.c via a
crafted USB device because the LED controllers remain registered for too long. (CVE-2023-25012)
- In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure
(for registering the sysctl table under a new location) during the renaming of a device. (CVE-2023-26545)
- A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in
the Linux Kernel. The message from user space is not checked properly before transferring into the device.
This flaw allows a local user to crash the system or potentially cause a denial of service.
(CVE-2023-28328)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1166486");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1177529");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1193629");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1197534");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1197617");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1198438");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1202353");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1202633");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1203200");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1203331");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1203332");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1204363");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1204993");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1205544");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1205846");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206103");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206224");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206232");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206459");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206492");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206493");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206640");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206824");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206876");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206877");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206878");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206880");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206881");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206882");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206883");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206884");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206885");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206886");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206889");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206894");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206935");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207051");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207270");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207328");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207529");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207560");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207588");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207589");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207590");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207591");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207592");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207593");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207594");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207603");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207605");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207606");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207607");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207608");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207609");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207610");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207613");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207615");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207617");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207618");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207619");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207620");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207621");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207623");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207624");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207625");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207626");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207628");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207630");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207631");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207632");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207634");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207635");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207636");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207638");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207639");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207641");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207642");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207643");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207644");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207645");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207646");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207647");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207648");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207651");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207653");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207770");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207773");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207845");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207875");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208149");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208153");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208179");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208183");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208212");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208290");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208420");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208428");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208429");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208449");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208534");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208541");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208570");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208598");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208599");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208601");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208603");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208605");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208607");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208628");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208700");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208741");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208759");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208776");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208777");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208784");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208787");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208816");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208837");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208843");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208848");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1209008");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1209159");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1209188");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1209256");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1209258");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1209262");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1209291");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1209436");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1209457");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1209504");
script_set_attribute(attribute:"see_also", value:"https://lists.suse.com/pipermail/sle-updates/2023-March/028529.html");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-3523");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-36280");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-38096");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-0045");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-0461");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-0597");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-1075");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-1076");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-1078");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-1095");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-1118");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-22995");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-22998");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-23000");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-23004");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-23559");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-25012");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-26545");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-28328");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-0045");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2023-23559");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/09/09");
script_set_attribute(attribute:"patch_publication_date", value:"2023/03/31");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/04/02");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:cluster-md-kmp-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:dlm-kmp-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:gfs2-kmp-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-64kb");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-64kb-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-livepatch");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-livepatch-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_14_21-150400_24_55-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-macros");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-obs-build");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-source");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-syms");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-zfcpdump");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ocfs2-kmp-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:reiserfs-kmp-default");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item("Host/SuSE/release");
if (isnull(os_release) || os_release !~ "^(SLED|SLES|SUSE)") audit(AUDIT_OS_NOT, "SUSE / openSUSE");
var os_ver = pregmatch(pattern: "^(SLE(S|D)(?:_SAP)?\d+|SUSE([\d.]+))", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE / openSUSE');
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED15|SLED_SAP15|SLES15|SLES_SAP15|SUSE15\.4)$", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15', 'SUSE / openSUSE (' + os_ver + ')');
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE / openSUSE (' + os_ver + ')', cpu);
var service_pack = get_kb_item("Host/SuSE/patchlevel");
if (isnull(service_pack)) service_pack = "0";
if (os_ver == "SLED15" && (! preg(pattern:"^(4)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLED15 SP4", os_ver + " SP" + service_pack);
if (os_ver == "SLED_SAP15" && (! preg(pattern:"^(4)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLED_SAP15 SP4", os_ver + " SP" + service_pack);
if (os_ver == "SLES15" && (! preg(pattern:"^(4)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES15 SP4", os_ver + " SP" + service_pack);
if (os_ver == "SLES_SAP15" && (! preg(pattern:"^(4)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES_SAP15 SP4", os_ver + " SP" + service_pack);
var pkgs = [
{'reference':'kernel-64kb-5.14.21-150400.24.55.2', 'sp':'4', 'cpu':'aarch64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'kernel-64kb-5.14.21-150400.24.55.2', 'sp':'4', 'cpu':'aarch64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'kernel-64kb-devel-5.14.21-150400.24.55.2', 'sp':'4', 'cpu':'aarch64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'kernel-64kb-devel-5.14.21-150400.24.55.2', 'sp':'4', 'cpu':'aarch64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'kernel-default-5.14.21-150400.24.55.3', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'kernel-default-5.14.21-150400.24.55.3', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'kernel-default-base-5.14.21-150400.24.55.3.150400.24.22.7', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'kernel-default-base-5.14.21-150400.24.55.3.150400.24.22.7', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'kernel-default-devel-5.14.21-150400.24.55.3', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'kernel-default-devel-5.14.21-150400.24.55.3', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'kernel-default-extra-5.14.21-150400.24.55.3', 'sp':'4', 'cpu':'x86_64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'kernel-default-extra-5.14.21-150400.24.55.3', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'kernel-devel-5.14.21-150400.24.55.2', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'kernel-devel-5.14.21-150400.24.55.2', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'kernel-macros-5.14.21-150400.24.55.2', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'kernel-macros-5.14.21-150400.24.55.2', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'kernel-obs-build-5.14.21-150400.24.55.3', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'kernel-obs-build-5.14.21-150400.24.55.3', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'kernel-source-5.14.21-150400.24.55.2', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'kernel-source-5.14.21-150400.24.55.2', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'kernel-syms-5.14.21-150400.24.55.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'kernel-syms-5.14.21-150400.24.55.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'kernel-zfcpdump-5.14.21-150400.24.55.2', 'sp':'4', 'cpu':'s390x', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'kernel-zfcpdump-5.14.21-150400.24.55.2', 'sp':'4', 'cpu':'s390x', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'reiserfs-kmp-default-5.14.21-150400.24.55.3', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'kernel-64kb-5.14.21-150400.24.55.2', 'sp':'4', 'cpu':'aarch64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},
{'reference':'kernel-64kb-5.14.21-150400.24.55.2', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},
{'reference':'kernel-64kb-devel-5.14.21-150400.24.55.2', 'sp':'4', 'cpu':'aarch64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},
{'reference':'kernel-64kb-devel-5.14.21-150400.24.55.2', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},
{'reference':'kernel-default-5.14.21-150400.24.55.3', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},
{'reference':'kernel-default-5.14.21-150400.24.55.3', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},
{'reference':'kernel-default-base-5.14.21-150400.24.55.3.150400.24.22.7', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},
{'reference':'kernel-default-base-5.14.21-150400.24.55.3.150400.24.22.7', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},
{'reference':'kernel-default-devel-5.14.21-150400.24.55.3', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},
{'reference':'kernel-default-devel-5.14.21-150400.24.55.3', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},
{'reference':'kernel-devel-5.14.21-150400.24.55.2', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},
{'reference':'kernel-devel-5.14.21-150400.24.55.2', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},
{'reference':'kernel-macros-5.14.21-150400.24.55.2', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},
{'reference':'kernel-macros-5.14.21-150400.24.55.2', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},
{'reference':'kernel-obs-build-5.14.21-150400.24.55.3', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-development-tools-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},
{'reference':'kernel-obs-build-5.14.21-150400.24.55.3', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-development-tools-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},
{'reference':'kernel-source-5.14.21-150400.24.55.2', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-development-tools-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},
{'reference':'kernel-source-5.14.21-150400.24.55.2', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-development-tools-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},
{'reference':'kernel-syms-5.14.21-150400.24.55.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-development-tools-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},
{'reference':'kernel-syms-5.14.21-150400.24.55.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-development-tools-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},
{'reference':'kernel-zfcpdump-5.14.21-150400.24.55.2', 'sp':'4', 'cpu':'s390x', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},
{'reference':'kernel-zfcpdump-5.14.21-150400.24.55.2', 'sp':'4', 'cpu':'s390x', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},
{'reference':'reiserfs-kmp-default-5.14.21-150400.24.55.3', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-legacy-release-15.4', 'sles-release-15.4']},
{'reference':'cluster-md-kmp-64kb-5.14.21-150400.24.55.2', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'cluster-md-kmp-default-5.14.21-150400.24.55.3', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'dlm-kmp-64kb-5.14.21-150400.24.55.2', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'dlm-kmp-default-5.14.21-150400.24.55.3', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'dtb-allwinner-5.14.21-150400.24.55.1', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'dtb-altera-5.14.21-150400.24.55.1', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'dtb-amazon-5.14.21-150400.24.55.1', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'dtb-amd-5.14.21-150400.24.55.1', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'dtb-amlogic-5.14.21-150400.24.55.1', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'dtb-apm-5.14.21-150400.24.55.1', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'dtb-apple-5.14.21-150400.24.55.1', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'dtb-arm-5.14.21-150400.24.55.1', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'dtb-broadcom-5.14.21-150400.24.55.1', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'dtb-cavium-5.14.21-150400.24.55.1', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'dtb-exynos-5.14.21-150400.24.55.1', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'dtb-freescale-5.14.21-150400.24.55.1', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'dtb-hisilicon-5.14.21-150400.24.55.1', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'dtb-lg-5.14.21-150400.24.55.1', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'dtb-marvell-5.14.21-150400.24.55.1', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'dtb-mediatek-5.14.21-150400.24.55.1', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'dtb-nvidia-5.14.21-150400.24.55.1', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'dtb-qcom-5.14.21-150400.24.55.1', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'dtb-renesas-5.14.21-150400.24.55.1', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'dtb-rockchip-5.14.21-150400.24.55.1', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'dtb-socionext-5.14.21-150400.24.55.1', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'dtb-sprd-5.14.21-150400.24.55.1', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'dtb-xilinx-5.14.21-150400.24.55.1', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'gfs2-kmp-64kb-5.14.21-150400.24.55.2', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'gfs2-kmp-default-5.14.21-150400.24.55.3', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'kernel-64kb-5.14.21-150400.24.55.2', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'kernel-64kb-devel-5.14.21-150400.24.55.2', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'kernel-64kb-extra-5.14.21-150400.24.55.2', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'kernel-64kb-livepatch-devel-5.14.21-150400.24.55.2', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'kernel-64kb-optional-5.14.21-150400.24.55.2', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'kernel-debug-5.14.21-150400.24.55.3', 'cpu':'x86_64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'kernel-debug-devel-5.14.21-150400.24.55.3', 'cpu':'x86_64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'kernel-debug-livepatch-devel-5.14.21-150400.24.55.3', 'cpu':'x86_64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'kernel-default-5.14.21-150400.24.55.3', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'kernel-default-base-5.14.21-150400.24.55.3.150400.24.22.7', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'kernel-default-base-rebuild-5.14.21-150400.24.55.3.150400.24.22.7', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'kernel-default-devel-5.14.21-150400.24.55.3', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'kernel-default-extra-5.14.21-150400.24.55.3', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'kernel-default-livepatch-5.14.21-150400.24.55.3', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'kernel-default-livepatch-devel-5.14.21-150400.24.55.3', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'kernel-default-optional-5.14.21-150400.24.55.3', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'kernel-devel-5.14.21-150400.24.55.2', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'kernel-kvmsmall-5.14.21-150400.24.55.3', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'kernel-kvmsmall-5.14.21-150400.24.55.3', 'cpu':'x86_64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'kernel-kvmsmall-devel-5.14.21-150400.24.55.3', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'kernel-kvmsmall-devel-5.14.21-150400.24.55.3', 'cpu':'x86_64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.55.3', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.55.3', 'cpu':'x86_64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'kernel-macros-5.14.21-150400.24.55.2', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'kernel-obs-build-5.14.21-150400.24.55.3', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'kernel-obs-qa-5.14.21-150400.24.55.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'kernel-source-5.14.21-150400.24.55.2', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'kernel-source-vanilla-5.14.21-150400.24.55.2', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'kernel-syms-5.14.21-150400.24.55.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'kernel-zfcpdump-5.14.21-150400.24.55.2', 'cpu':'s390x', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'kselftests-kmp-64kb-5.14.21-150400.24.55.2', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'kselftests-kmp-default-5.14.21-150400.24.55.3', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'ocfs2-kmp-64kb-5.14.21-150400.24.55.2', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'ocfs2-kmp-default-5.14.21-150400.24.55.3', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'reiserfs-kmp-64kb-5.14.21-150400.24.55.2', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'reiserfs-kmp-default-5.14.21-150400.24.55.3', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'cluster-md-kmp-default-5.14.21-150400.24.55.3', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-15.4']},
{'reference':'dlm-kmp-default-5.14.21-150400.24.55.3', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-15.4']},
{'reference':'gfs2-kmp-default-5.14.21-150400.24.55.3', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-15.4']},
{'reference':'ocfs2-kmp-default-5.14.21-150400.24.55.3', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-15.4']},
{'reference':'kernel-default-livepatch-5.14.21-150400.24.55.3', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.4']},
{'reference':'kernel-default-livepatch-devel-5.14.21-150400.24.55.3', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.4']},
{'reference':'kernel-livepatch-5_14_21-150400_24_55-default-1-150400.9.3.7', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.4']},
{'reference':'kernel-default-extra-5.14.21-150400.24.55.3', 'sp':'4', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-we-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},
{'reference':'kernel-default-extra-5.14.21-150400.24.55.3', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-we-release-15.4', 'sled-release-15.4', 'sles-release-15.4']}
];
var ltss_caveat_required = FALSE;
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var exists_check = NULL;
var rpm_spec_vers_cmp = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (reference && _release) {
if (exists_check) {
var check_flag = 0;
foreach var check (exists_check) {
if (!rpm_exists(release:_release, rpm:check)) continue;
check_flag++;
}
if (!check_flag) continue;
}
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'cluster-md-kmp-64kb / cluster-md-kmp-default / dlm-kmp-64kb / etc');
}
Vendor | Product | Version | CPE |
---|---|---|---|
novell | suse_linux | cluster-md-kmp-default | p-cpe:/a:novell:suse_linux:cluster-md-kmp-default |
novell | suse_linux | dlm-kmp-default | p-cpe:/a:novell:suse_linux:dlm-kmp-default |
novell | suse_linux | gfs2-kmp-default | p-cpe:/a:novell:suse_linux:gfs2-kmp-default |
novell | suse_linux | kernel-64kb | p-cpe:/a:novell:suse_linux:kernel-64kb |
novell | suse_linux | kernel-64kb-devel | p-cpe:/a:novell:suse_linux:kernel-64kb-devel |
novell | suse_linux | kernel-default | p-cpe:/a:novell:suse_linux:kernel-default |
novell | suse_linux | kernel-default-base | p-cpe:/a:novell:suse_linux:kernel-default-base |
novell | suse_linux | kernel-default-devel | p-cpe:/a:novell:suse_linux:kernel-default-devel |
novell | suse_linux | kernel-default-extra | p-cpe:/a:novell:suse_linux:kernel-default-extra |
novell | suse_linux | ocfs2-kmp-default | p-cpe:/a:novell:suse_linux:ocfs2-kmp-default |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3523
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36280
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38096
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0045
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0461
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0597
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1075
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1076
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1078
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1095
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1118
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22995
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22998
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23000
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23004
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23559
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25012
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26545
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28328
bugzilla.suse.com/1166486
bugzilla.suse.com/1177529
bugzilla.suse.com/1193629
bugzilla.suse.com/1197534
bugzilla.suse.com/1197617
bugzilla.suse.com/1198438
bugzilla.suse.com/1202353
bugzilla.suse.com/1202633
bugzilla.suse.com/1203200
bugzilla.suse.com/1203331
bugzilla.suse.com/1203332
bugzilla.suse.com/1204363
bugzilla.suse.com/1204993
bugzilla.suse.com/1205544
bugzilla.suse.com/1205846
bugzilla.suse.com/1206103
bugzilla.suse.com/1206224
bugzilla.suse.com/1206232
bugzilla.suse.com/1206459
bugzilla.suse.com/1206492
bugzilla.suse.com/1206493
bugzilla.suse.com/1206640
bugzilla.suse.com/1206824
bugzilla.suse.com/1206876
bugzilla.suse.com/1206877
bugzilla.suse.com/1206878
bugzilla.suse.com/1206880
bugzilla.suse.com/1206881
bugzilla.suse.com/1206882
bugzilla.suse.com/1206883
bugzilla.suse.com/1206884
bugzilla.suse.com/1206885
bugzilla.suse.com/1206886
bugzilla.suse.com/1206889
bugzilla.suse.com/1206894
bugzilla.suse.com/1206935
bugzilla.suse.com/1207051
bugzilla.suse.com/1207270
bugzilla.suse.com/1207328
bugzilla.suse.com/1207529
bugzilla.suse.com/1207560
bugzilla.suse.com/1207588
bugzilla.suse.com/1207589
bugzilla.suse.com/1207590
bugzilla.suse.com/1207591
bugzilla.suse.com/1207592
bugzilla.suse.com/1207593
bugzilla.suse.com/1207594
bugzilla.suse.com/1207603
bugzilla.suse.com/1207605
bugzilla.suse.com/1207606
bugzilla.suse.com/1207607
bugzilla.suse.com/1207608
bugzilla.suse.com/1207609
bugzilla.suse.com/1207610
bugzilla.suse.com/1207613
bugzilla.suse.com/1207615
bugzilla.suse.com/1207617
bugzilla.suse.com/1207618
bugzilla.suse.com/1207619
bugzilla.suse.com/1207620
bugzilla.suse.com/1207621
bugzilla.suse.com/1207623
bugzilla.suse.com/1207624
bugzilla.suse.com/1207625
bugzilla.suse.com/1207626
bugzilla.suse.com/1207628
bugzilla.suse.com/1207630
bugzilla.suse.com/1207631
bugzilla.suse.com/1207632
bugzilla.suse.com/1207634
bugzilla.suse.com/1207635
bugzilla.suse.com/1207636
bugzilla.suse.com/1207638
bugzilla.suse.com/1207639
bugzilla.suse.com/1207641
bugzilla.suse.com/1207642
bugzilla.suse.com/1207643
bugzilla.suse.com/1207644
bugzilla.suse.com/1207645
bugzilla.suse.com/1207646
bugzilla.suse.com/1207647
bugzilla.suse.com/1207648
bugzilla.suse.com/1207651
bugzilla.suse.com/1207653
bugzilla.suse.com/1207770
bugzilla.suse.com/1207773
bugzilla.suse.com/1207845
bugzilla.suse.com/1207875
bugzilla.suse.com/1208149
bugzilla.suse.com/1208153
bugzilla.suse.com/1208179
bugzilla.suse.com/1208183
bugzilla.suse.com/1208212
bugzilla.suse.com/1208290
bugzilla.suse.com/1208420
bugzilla.suse.com/1208428
bugzilla.suse.com/1208429
bugzilla.suse.com/1208449
bugzilla.suse.com/1208534
bugzilla.suse.com/1208541
bugzilla.suse.com/1208570
bugzilla.suse.com/1208598
bugzilla.suse.com/1208599
bugzilla.suse.com/1208601
bugzilla.suse.com/1208603
bugzilla.suse.com/1208605
bugzilla.suse.com/1208607
bugzilla.suse.com/1208628
bugzilla.suse.com/1208700
bugzilla.suse.com/1208741
bugzilla.suse.com/1208759
bugzilla.suse.com/1208776
bugzilla.suse.com/1208777
bugzilla.suse.com/1208784
bugzilla.suse.com/1208787
bugzilla.suse.com/1208816
bugzilla.suse.com/1208837
bugzilla.suse.com/1208843
bugzilla.suse.com/1208848
bugzilla.suse.com/1209008
bugzilla.suse.com/1209159
bugzilla.suse.com/1209188
bugzilla.suse.com/1209256
bugzilla.suse.com/1209258
bugzilla.suse.com/1209262
bugzilla.suse.com/1209291
bugzilla.suse.com/1209436
bugzilla.suse.com/1209457
bugzilla.suse.com/1209504
lists.suse.com/pipermail/sle-updates/2023-March/028529.html
www.suse.com/security/cve/CVE-2022-3523
www.suse.com/security/cve/CVE-2022-36280
www.suse.com/security/cve/CVE-2022-38096
www.suse.com/security/cve/CVE-2023-0045
www.suse.com/security/cve/CVE-2023-0461
www.suse.com/security/cve/CVE-2023-0597
www.suse.com/security/cve/CVE-2023-1075
www.suse.com/security/cve/CVE-2023-1076
www.suse.com/security/cve/CVE-2023-1078
www.suse.com/security/cve/CVE-2023-1095
www.suse.com/security/cve/CVE-2023-1118
www.suse.com/security/cve/CVE-2023-22995
www.suse.com/security/cve/CVE-2023-22998
www.suse.com/security/cve/CVE-2023-23000
www.suse.com/security/cve/CVE-2023-23004
www.suse.com/security/cve/CVE-2023-23559
www.suse.com/security/cve/CVE-2023-25012
www.suse.com/security/cve/CVE-2023-26545
www.suse.com/security/cve/CVE-2023-28328