Описание
Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-150200_24_112 fixes one issue.
The following security issue was fixed:
- CVE-2022-3564: Fixed use-after-free in l2cap_core.c of the Bluetooth component (bsc#1206314).
Список пакетов
SUSE Linux Enterprise Live Patching 12 SP4
kgraft-patch-4_12_14-95_96-default-12-2.2
SUSE Linux Enterprise Live Patching 12 SP5
kgraft-patch-4_12_14-122_116-default-12-2.2
SUSE Linux Enterprise Live Patching 15 SP2
kernel-livepatch-5_3_18-150200_24_112-default-13-150200.2.2
Ссылки
- Link for SUSE-SU-2023:0560-1
- E-Mail link for SUSE-SU-2023:0560-1
- SUSE Security Ratings
- SUSE Bug 1206314
- SUSE CVE CVE-2022-3564 page
Описание
A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087.
Затронутые продукты
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_96-default-12-2.2
SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_116-default-12-2.2
SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_112-default-13-150200.2.2
Ссылки
- CVE-2022-3564
- SUSE Bug 1206073
- SUSE Bug 1206314
- SUSE Bug 1208030
- SUSE Bug 1208044
- SUSE Bug 1208085