SUSE has released a security update to address several vulnerabilities in the following products:

• SUSE Linux Enterprise High Performance Computing 15-SP3
• SUSE Linux Enterprise Micro 5.1
• SUSE Linux Enterprise Module for Live Patching 15-SP3
• SUSE Linux Enterprise Server 15-SP3
• SUSE Linux Enterprise Server for SAP Applications 15-SP3
• SUSE Linux Enterprise High Performance Computing 15-SP4
• SUSE Linux Enterprise Module for Live Patching 15-SP4
• SUSE Linux Enterprise Server 15-SP4
• SUSE Linux Enterprise Server for SAP Applications 15-SP4
• SUSE Linux Enterprise High Performance Computing 15
• SUSE Linux Enterprise High Performance Computing 15-SP1
• SUSE Linux Enterprise Live Patching 12-SP5
• SUSE Linux Enterprise Module for Live Patching 15
• SUSE Linux Enterprise Module for Live Patching 15-SP1
• SUSE Linux Enterprise Server 15
• SUSE Linux Enterprise Server 15-SP1
• SUSE Linux Enterprise Server for SAP Applications 15
• SUSE Linux Enterprise Server for SAP Applications 15-SP1
• SUSE Linux Enterprise Server 12-SP2-BCL
• SUSE Linux Enterprise Server 12-SP3-BCL
• SUSE Linux Enterprise Server 12-SP4-LTSS
• SUSE Linux Enterprise Server 12-SP5
• SUSE Linux Enterprise Server for SAP 12-SP4
• SUSE Linux Enterprise Server for SAP Applications 12-SP5
• SUSE Linux Enterprise Software Development Kit 12-SP5
• SUSE OpenStack Cloud 9
• SUSE OpenStack Cloud Crowbar 9
• SUSE Linux Enterprise Desktop 12-SP5
• SUSE Linux Enterprise Server 12-SP2-BCL
• SUSE Linux Enterprise Server 12-SP3-BCL
• SUSE Linux Enterprise Server 12-SP4-LTSS
• SUSE Linux Enterprise Server 12-SP5
• SUSE Linux Enterprise Server for SAP 12-SP4
• SUSE Linux Enterprise Server for SAP Applications 12-SP5
• SUSE Linux Enterprise Software Development Kit 12-SP5
• SUSE Linux Enterprise Workstation Extension 12-SP5
• SUSE OpenStack Cloud 9
• SUSE OpenStack Cloud Crowbar 9
• SUSE Linux Enterprise High Performance Computing 15-SP4
• SUSE Linux Enterprise Module for Web Scripting 15-SP4
• SUSE Linux Enterprise Server 15-SP4
• SUSE Linux Enterprise Server for SAP Applications 15-SP4
• SUSE Manager Proxy 4.3
• SUSE Manager Retail Branch Server 4.3
• SUSE Manager Server 4.3
• openSUSE Leap 15.4
• SUSE Enterprise Storage 7
• SUSE Linux Enterprise Desktop 15-SP3
• SUSE Linux Enterprise Desktop 15-SP4
• SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
• SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
• SUSE Linux Enterprise High Performance Computing 15-SP3
• SUSE Linux Enterprise High Performance Computing 15-SP4
• SUSE Linux Enterprise Module for Desktop Applications 15-SP3
• SUSE Linux Enterprise Module for Desktop Applications 15-SP4
• SUSE Linux Enterprise Server 15-SP2-BCL
• SUSE Linux Enterprise Server 15-SP2-LTSS
• SUSE Linux Enterprise Server 15-SP3
• SUSE Linux Enterprise Server 15-SP4
• SUSE Linux Enterprise Server for SAP 15-SP2
• SUSE Linux Enterprise Server for SAP Applications 15-SP3
• SUSE Linux Enterprise Server for SAP Applications 15-SP4
• SUSE Linux Enterprise Storage 7.1
• SUSE Manager Proxy 4.1
• SUSE Manager Proxy 4.2
• SUSE Manager Proxy 4.3
• SUSE Manager Retail Branch Server 4.1
• SUSE Manager Retail Branch Server 4.2
• SUSE Manager Retail Branch Server 4.3
• SUSE Manager Server 4.1
• SUSE Manager Server 4.2
• SUSE Manager Server 4.3
• openSUSE Leap 15.3
• openSUSE Leap 15.4

Attacker could exploit these vulnerabilities by doing the following:

• Execute arbitrary code
• Memory corruption
• Code Injection

The CERT team encourages users to review SUSE security advisory and apply the necessary updates:

• https://www.suse.com/support/update/announcement/2022/suse-su-20223080-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20223072-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20223064-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20223030-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20223020-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20223016-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20223007-1/