{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"SUSE Linux Enterprise Server 15-SP3-LTSS","product":{"name":"SUSE Linux Enterprise Server","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS","product":{"name":"SUSE Linux Enterprise High Performance Computing","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise High Availability 15-SP4","product":{"name":"N/A","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise High Availability 15-SP3","product":{"name":"N/A","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise Server for SAP 12-SP4","product":{"name":"SUSE Linux Enterprise Server","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise Module for Live Patching 15-SP3","product":{"name":"N/A","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise Server 12-SP4-LTSS","product":{"name":"SUSE Linux Enterprise Server","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise Server for SAP Applications","product":{"name":"SUSE Linux Enterprise Server","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise Workstation Extension 15-SP4","product":{"name":"N/A","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise Module for Legacy Software 15-SP4","product":{"name":"N/A","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Manager Retail Branch Server 4.2","product":{"name":"SUSE Manager Retail Branch Server","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE CaaS Platform 4.0","product":{"name":"N/A","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE OpenStack Cloud Crowbar 9","product":{"name":"N/A","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Manager Proxy 4.2","product":{"name":"SUSE Manager Proxy","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Manager Retail Branch Server 4.3","product":{"name":"SUSE Manager Retail Branch Server","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS","product":{"name":"SUSE Linux Enterprise High Performance Computing","vendor":{"name":"SUSE","scada":false}}},{"description":"openSUSE Leap 15.4","product":{"name":"openSUSE Leap","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise Micro 5.2","product":{"name":"SUSE Linux Enterprise Micro","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Manager Server 4.2","product":{"name":"SUSE Manager Server","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise Server for SAP 15-SP3","product":{"name":"SUSE Linux Enterprise Server","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise Micro 5.1","product":{"name":"SUSE Linux Enterprise Micro","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise Server for SAP 15-SP1","product":{"name":"SUSE Linux Enterprise Server","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise Server 12-SP2-BCL","product":{"name":"SUSE Linux Enterprise Server","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise Micro 5.3","product":{"name":"SUSE Linux Enterprise Micro","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise Module for Live Patching 15-SP1","product":{"name":"N/A","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise High Performance Computing","product":{"name":"SUSE Linux Enterprise High Performance Computing","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Enterprise Storage 7","product":{"name":"N/A","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise Module for Live Patching 15-SP4","product":{"name":"N/A","vendor":{"name":"SUSE","scada":false}}},{"description":"openSUSE Leap Micro 5.3","product":{"name":"openSUSE Leap","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise Server for SAP Applications 15-SP4","product":{"name":"SUSE Linux Enterprise Server","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise Server for SAP 15-SP2","product":{"name":"SUSE Linux Enterprise Server","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise High Availability 15-SP2","product":{"name":"N/A","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise Module for Public Cloud 15-SP4","product":{"name":"N/A","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise Desktop 15-SP4","product":{"name":"SUSE Linux Enterprise Desktop","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise High Performance Computing 15-SP4","product":{"name":"SUSE Linux Enterprise High Performance Computing","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Enterprise Storage 7.1","product":{"name":"N/A","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Manager Proxy 4.3","product":{"name":"SUSE Manager Proxy","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise Server 15-SP2-LTSS","product":{"name":"SUSE Linux Enterprise Server","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise Module for Development Tools 15-SP4","product":{"name":"N/A","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise Server 11-SP4-LTSS-EXTREME-CORE","product":{"name":"SUSE Linux Enterprise Server","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise Server 15-SP1-LTSS","product":{"name":"SUSE Linux Enterprise Server","vendor":{"name":"SUSE","scada":false}}},{"description":"openSUSE Leap Micro 5.2","product":{"name":"openSUSE Leap","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE OpenStack Cloud 9","product":{"name":"N/A","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise High Availability 15-SP1","product":{"name":"N/A","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS","product":{"name":"SUSE Linux Enterprise High Performance Computing","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise Server","product":{"name":"SUSE Linux Enterprise Server","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise Server 15-SP4","product":{"name":"SUSE Linux Enterprise Server","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise Module for Live Patching 15-SP2","product":{"name":"N/A","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise High Availability 12-SP4","product":{"name":"N/A","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise Live Patching 12-SP4","product":{"name":"SUSE Linux Enterprise Live Patching","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Manager Server 4.3","product":{"name":"SUSE Manager Server","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise Module for Basesystem 15-SP4","product":{"name":"N/A","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise Realtime Extension 15-SP3","product":{"name":"N/A","vendor":{"name":"SUSE","scada":false}}},{"description":"SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS","product":{"name":"SUSE Linux Enterprise High Performance Computing","vendor":{"name":"SUSE","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2022-47520","url":"https://www.cve.org/CVERecord?id=CVE-2022-47520"},{"name":"CVE-2022-45934","url":"https://www.cve.org/CVERecord?id=CVE-2022-45934"},{"name":"CVE-2022-28356","url":"https://www.cve.org/CVERecord?id=CVE-2022-28356"},{"name":"CVE-2023-23454","url":"https://www.cve.org/CVERecord?id=CVE-2023-23454"},{"name":"CVE-2022-21127","url":"https://www.cve.org/CVERecord?id=CVE-2022-21127"},{"name":"CVE-2022-47929","url":"https://www.cve.org/CVERecord?id=CVE-2022-47929"},{"name":"CVE-2022-42329","url":"https://www.cve.org/CVERecord?id=CVE-2022-42329"},{"name":"CVE-2022-1652","url":"https://www.cve.org/CVERecord?id=CVE-2022-1652"},{"name":"CVE-2023-23455","url":"https://www.cve.org/CVERecord?id=CVE-2023-23455"},{"name":"CVE-2020-15393","url":"https://www.cve.org/CVERecord?id=CVE-2020-15393"},{"name":"CVE-2022-20132","url":"https://www.cve.org/CVERecord?id=CVE-2022-20132"},{"name":"CVE-2022-29900","url":"https://www.cve.org/CVERecord?id=CVE-2022-29900"},{"name":"CVE-2022-29901","url":"https://www.cve.org/CVERecord?id=CVE-2022-29901"},{"name":"CVE-2023-0266","url":"https://www.cve.org/CVERecord?id=CVE-2023-0266"},{"name":"CVE-2020-36557","url":"https://www.cve.org/CVERecord?id=CVE-2020-36557"},{"name":"CVE-2022-42895","url":"https://www.cve.org/CVERecord?id=CVE-2022-42895"},{"name":"CVE-2022-3643","url":"https://www.cve.org/CVERecord?id=CVE-2022-3643"},{"name":"CVE-2022-43750","url":"https://www.cve.org/CVERecord?id=CVE-2022-43750"},{"name":"CVE-2022-21166","url":"https://www.cve.org/CVERecord?id=CVE-2022-21166"},{"name":"CVE-2022-3435","url":"https://www.cve.org/CVERecord?id=CVE-2022-3435"},{"name":"CVE-2022-20166","url":"https://www.cve.org/CVERecord?id=CVE-2022-20166"},{"name":"CVE-2022-4662","url":"https://www.cve.org/CVERecord?id=CVE-2022-4662"},{"name":"CVE-2022-41858","url":"https://www.cve.org/CVERecord?id=CVE-2022-41858"},{"name":"CVE-2022-3564","url":"https://www.cve.org/CVERecord?id=CVE-2022-3564"},{"name":"CVE-2021-33656","url":"https://www.cve.org/CVERecord?id=CVE-2021-33656"},{"name":"CVE-2022-3903","url":"https://www.cve.org/CVERecord?id=CVE-2022-3903"},{"name":"CVE-2019-3837","url":"https://www.cve.org/CVERecord?id=CVE-2019-3837"},{"name":"CVE-2022-41218","url":"https://www.cve.org/CVERecord?id=CVE-2022-41218"},{"name":"CVE-2022-4382","url":"https://www.cve.org/CVERecord?id=CVE-2022-4382"},{"name":"CVE-2022-42896","url":"https://www.cve.org/CVERecord?id=CVE-2022-42896"},{"name":"CVE-2022-21499","url":"https://www.cve.org/CVERecord?id=CVE-2022-21499"},{"name":"CVE-2020-24588","url":"https://www.cve.org/CVERecord?id=CVE-2020-24588"},{"name":"CVE-2022-3112","url":"https://www.cve.org/CVERecord?id=CVE-2022-3112"},{"name":"CVE-2023-0179","url":"https://www.cve.org/CVERecord?id=CVE-2023-0179"},{"name":"CVE-2022-44033","url":"https://www.cve.org/CVERecord?id=CVE-2022-44033"},{"name":"CVE-2021-33655","url":"https://www.cve.org/CVERecord?id=CVE-2021-33655"},{"name":"CVE-2022-1462","url":"https://www.cve.org/CVERecord?id=CVE-2022-1462"},{"name":"CVE-2022-4095","url":"https://www.cve.org/CVERecord?id=CVE-2022-4095"},{"name":"CVE-2022-21125","url":"https://www.cve.org/CVERecord?id=CVE-2022-21125"},{"name":"CVE-2022-1048","url":"https://www.cve.org/CVERecord?id=CVE-2022-1048"},{"name":"CVE-2022-2663","url":"https://www.cve.org/CVERecord?id=CVE-2022-2663"},{"name":"CVE-2022-3107","url":"https://www.cve.org/CVERecord?id=CVE-2022-3107"},{"name":"CVE-2022-3649","url":"https://www.cve.org/CVERecord?id=CVE-2022-3649"},{"name":"CVE-2021-34981","url":"https://www.cve.org/CVERecord?id=CVE-2021-34981"},{"name":"CVE-2022-41848","url":"https://www.cve.org/CVERecord?id=CVE-2022-41848"},{"name":"CVE-2022-3524","url":"https://www.cve.org/CVERecord?id=CVE-2022-3524"},{"name":"CVE-2018-7755","url":"https://www.cve.org/CVERecord?id=CVE-2018-7755"},{"name":"CVE-2022-39188","url":"https://www.cve.org/CVERecord?id=CVE-2022-39188"},{"name":"CVE-2022-3586","url":"https://www.cve.org/CVERecord?id=CVE-2022-3586"},{"name":"CVE-2022-41850","url":"https://www.cve.org/CVERecord?id=CVE-2022-41850"},{"name":"CVE-2022-3646","url":"https://www.cve.org/CVERecord?id=CVE-2022-3646"},{"name":"CVE-2021-39713","url":"https://www.cve.org/CVERecord?id=CVE-2021-39713"},{"name":"CVE-2022-1011","url":"https://www.cve.org/CVERecord?id=CVE-2022-1011"},{"name":"CVE-2022-42328","url":"https://www.cve.org/CVERecord?id=CVE-2022-42328"},{"name":"CVE-2021-45868","url":"https://www.cve.org/CVERecord?id=CVE-2021-45868"},{"name":"CVE-2022-3565","url":"https://www.cve.org/CVERecord?id=CVE-2022-3565"},{"name":"CVE-2022-21123","url":"https://www.cve.org/CVERecord?id=CVE-2022-21123"},{"name":"CVE-2022-3115","url":"https://www.cve.org/CVERecord?id=CVE-2022-3115"},{"name":"CVE-2022-20368","url":"https://www.cve.org/CVERecord?id=CVE-2022-20368"},{"name":"CVE-2022-2318","url":"https://www.cve.org/CVERecord?id=CVE-2022-2318"},{"name":"CVE-2019-3900","url":"https://www.cve.org/CVERecord?id=CVE-2019-3900"},{"name":"CVE-2021-26341","url":"https://www.cve.org/CVERecord?id=CVE-2021-26341"},{"name":"CVE-2022-36946","url":"https://www.cve.org/CVERecord?id=CVE-2022-36946"},{"name":"CVE-2022-3303","url":"https://www.cve.org/CVERecord?id=CVE-2022-3303"},{"name":"CVE-2022-3424","url":"https://www.cve.org/CVERecord?id=CVE-2022-3424"},{"name":"CVE-2022-1679","url":"https://www.cve.org/CVERecord?id=CVE-2022-1679"},{"name":"CVE-2022-3108","url":"https://www.cve.org/CVERecord?id=CVE-2022-3108"},{"name":"CVE-2022-36879","url":"https://www.cve.org/CVERecord?id=CVE-2022-36879"},{"name":"CVE-2022-1353","url":"https://www.cve.org/CVERecord?id=CVE-2022-1353"},{"name":"CVE-2020-16119","url":"https://www.cve.org/CVERecord?id=CVE-2020-16119"},{"name":"CVE-2017-13695","url":"https://www.cve.org/CVERecord?id=CVE-2017-13695"},{"name":"CVE-2022-20369","url":"https://www.cve.org/CVERecord?id=CVE-2022-20369"},{"name":"CVE-2022-21385","url":"https://www.cve.org/CVERecord?id=CVE-2022-21385"},{"name":"CVE-2022-44032","url":"https://www.cve.org/CVERecord?id=CVE-2022-44032"},{"name":"CVE-2022-3621","url":"https://www.cve.org/CVERecord?id=CVE-2022-3621"},{"name":"CVE-2022-3606","url":"https://www.cve.org/CVERecord?id=CVE-2022-3606"},{"name":"CVE-2022-40768","url":"https://www.cve.org/CVERecord?id=CVE-2022-40768"},{"name":"CVE-2022-21180","url":"https://www.cve.org/CVERecord?id=CVE-2022-21180"},{"name":"CVE-2018-9517","url":"https://www.cve.org/CVERecord?id=CVE-2018-9517"},{"name":"CVE-2022-3028","url":"https://www.cve.org/CVERecord?id=CVE-2022-3028"},{"name":"CVE-2023-0590","url":"https://www.cve.org/CVERecord?id=CVE-2023-0590"},{"name":"CVE-2022-3105","url":"https://www.cve.org/CVERecord?id=CVE-2022-3105"},{"name":"CVE-2022-3566","url":"https://www.cve.org/CVERecord?id=CVE-2022-3566"},{"name":"CVE-2022-33981","url":"https://www.cve.org/CVERecord?id=CVE-2022-33981"},{"name":"CVE-2022-3635","url":"https://www.cve.org/CVERecord?id=CVE-2022-3635"},{"name":"CVE-2023-0122","url":"https://www.cve.org/CVERecord?id=CVE-2023-0122"},{"name":"CVE-2020-36558","url":"https://www.cve.org/CVERecord?id=CVE-2020-36558"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 SUSE du 14 f\u00e9vrier 2023","url":"https://www.suse.com/support/update/announcement/2023/suse-su-20230407-1/"},{"title":"Bulletin de s\u00e9curit\u00e9 SUSE du 14 f\u00e9vrier 2023","url":"https://www.suse.com/support/update/announcement/2023/suse-su-20230409-1/"},{"title":"Bulletin de s\u00e9curit\u00e9 SUSE du 15 f\u00e9vrier 2023","url":"https://www.suse.com/support/update/announcement/2023/suse-su-20230420-1/"},{"title":"Bulletin de s\u00e9curit\u00e9 SUSE du 16 f\u00e9vrier 2023","url":"https://www.suse.com/support/update/announcement/2023/suse-su-20230433-1/"},{"title":"Bulletin de s\u00e9curit\u00e9 SUSE du 13 f\u00e9vrier 2023","url":"https://www.suse.com/support/update/announcement/2023/suse-su-20230394-1/"},{"title":"Bulletin de s\u00e9curit\u00e9 SUSE du 15 f\u00e9vrier 2023","url":"https://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/"},{"title":"Bulletin de s\u00e9curit\u00e9 SUSE du 14 f\u00e9vrier 2023","url":"https://www.suse.com/support/update/announcement/2023/suse-su-20230406-1/"},{"title":"Bulletin de s\u00e9curit\u00e9 SUSE du 14 f\u00e9vrier 2023","url":"https://www.suse.com/support/update/announcement/2023/suse-su-20230410-1/"}],"reference":"CERTFR-2023-AVI-0148","revisions":[{"description":"Version initiale","revision_date":"2023-02-17T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Ex\u00e9cution de code arbitraire"},{"description":"Non sp\u00e9cifi\u00e9 par l'\u00e9diteur"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans <span\nclass=\"textit\">le noyau Linux de SUSE</span>. Elles permettent \u00e0 un\nattaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, un\nd\u00e9ni de service \u00e0 distance, une atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es, une\nex\u00e9cution de code arbitraire, une \u00e9l\u00e9vation de privil\u00e8ges et un\ncontournement de la politique de s\u00e9curit\u00e9.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:0394-1 du 13 f\u00e9vrier 2023","url":null},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:0416-1 du 15 f\u00e9vrier 2023","url":null},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:0420-1 du 15 f\u00e9vrier 2023","url":null},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:0406-1 du 14 f\u00e9vrier 2023","url":null},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:0410-1 du 14 f\u00e9vrier 2023","url":null},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:0409-1 du 14 f\u00e9vrier 2023","url":null},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:0433-1 du 16 f\u00e9vrier 2023","url":null},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:0407-1 du 14 f\u00e9vrier 2023","url":null}]}