Описание
Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-24_107 fixes one issue.
The following security issue was fixed:
- CVE-2022-3564: Fixed use-after-free in l2cap_core.c of the Bluetooth component (bsc#1206314).
Список пакетов
SUSE Linux Enterprise Live Patching 12 SP4
kgraft-patch-4_12_14-95_105-default-7-2.1
SUSE Linux Enterprise Live Patching 12 SP5
kgraft-patch-4_12_14-122_124-default-9-2.1
SUSE Linux Enterprise Live Patching 15 SP1
kernel-livepatch-4_12_14-150100_197_111-default-12-150100.2.2
SUSE Linux Enterprise Live Patching 15 SP2
kernel-livepatch-5_3_18-24_107-default-17-150200.2.2
Ссылки
- Link for SUSE-SU-2023:0552-1
- E-Mail link for SUSE-SU-2023:0552-1
- SUSE Security Ratings
- SUSE Bug 1206314
- SUSE CVE CVE-2022-3564 page
Описание
A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087.
Затронутые продукты
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-7-2.1
SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-9-2.1
SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-12-150100.2.2
SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-17-150200.2.2
Ссылки
- CVE-2022-3564
- SUSE Bug 1206073
- SUSE Bug 1206314
- SUSE Bug 1208030
- SUSE Bug 1208044
- SUSE Bug 1208085