Описание
Security update for libbpf
This update for libbpf fixes the following issues:
- CVE-2022-3534: Fixed use-after-free in btf_dump_name_dups (bsc#1204391).
- CVE-2022-3606: Fixed null pointer dereference in find_prog_by_sec_insn() (bsc#1204502).
Список пакетов
Container bci/bci-sle15-kernel-module-devel:15.5
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP4-SAP
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP4-SAP-Azure
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP4-SAP-Azure-LI-BYOS
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP4-SAP-Azure-LI-BYOS-Production
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP4-SAP-BYOS
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP4-SAP-BYOS-Azure
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP4-SAP-BYOS-EC2
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP4-SAP-BYOS-GCE
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP4-SAP-EC2
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP4-SAP-GCE
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP4-SAP-Hardened
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP4-SAP-Hardened-Azure
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP4-SAP-Hardened-BYOS
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP4-SAP-Hardened-BYOS-Azure
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP4-SAP-Hardened-BYOS-EC2
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP4-SAP-Hardened-BYOS-GCE
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP4-SAP-Hardened-GCE
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP4-SAPCAL
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP4-SAPCAL-Azure
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP4-SAPCAL-EC2
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP4-SAPCAL-GCE
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP5-SAP-Azure-3P
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP5-SAP-Azure-LI-BYOS
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP5-SAP-Azure-LI-BYOS-Production
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP5-SAP-Azure-VLI-BYOS
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP5-SAP-Azure-VLI-BYOS-Production
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP5-SAP-BYOS-Azure
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP5-SAP-BYOS-EC2
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP5-SAP-BYOS-GCE
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP5-SAP-Hardened-Azure
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP5-SAP-Hardened-BYOS-Azure
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP5-SAP-Hardened-BYOS-EC2
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP5-SAP-Hardened-BYOS-GCE
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP5-SAP-Hardened-GCE
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP5-SAPCAL-Azure
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP5-SAPCAL-EC2
libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP5-SAPCAL-GCE
libbpf0-0.5.0-150400.3.3.1
SUSE Linux Enterprise Module for Basesystem 15 SP4
libbpf0-0.5.0-150400.3.3.1
openSUSE Leap 15.4
libbpf-devel-0.5.0-150400.3.3.1
libbpf0-0.5.0-150400.3.3.1
libbpf0-32bit-0.5.0-150400.3.3.1
Ссылки
- Link for SUSE-SU-2023:0405-1
- E-Mail link for SUSE-SU-2023:0405-1
- SUSE Security Ratings
- SUSE Bug 1204391
- SUSE Bug 1204502
- SUSE CVE CVE-2022-3534 page
- SUSE CVE CVE-2022-3606 page
Описание
A vulnerability classified as critical has been found in Linux Kernel. Affected is the function btf_dump_name_dups of the file tools/lib/bpf/btf_dump.c of the component libbpf. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211032.
Затронутые продукты
Container bci/bci-sle15-kernel-module-devel:15.5:libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP4-SAP-Azure-LI-BYOS-Production:libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP4-SAP-Azure-LI-BYOS:libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production:libbpf0-0.5.0-150400.3.3.1
Ссылки
- CVE-2022-3534
- SUSE Bug 1204391
Описание
A vulnerability was found in Linux Kernel. It has been classified as problematic. This affects the function find_prog_by_sec_insn of the file tools/lib/bpf/libbpf.c of the component BPF. The manipulation leads to null pointer dereference. It is recommended to apply a patch to fix this issue. The identifier VDB-211749 was assigned to this vulnerability.
Затронутые продукты
Container bci/bci-sle15-kernel-module-devel:15.5:libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP4-SAP-Azure-LI-BYOS-Production:libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP4-SAP-Azure-LI-BYOS:libbpf0-0.5.0-150400.3.3.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production:libbpf0-0.5.0-150400.3.3.1
Ссылки
- CVE-2022-3606
- SUSE Bug 1204502