Описание
Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-150400_15_5 fixes several issues.
The following security issues were fixed:
- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).
- CVE-2023-1652: Fixed use-after-free that could lead to DoS and information leak in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c (bsc#1209788).
- CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim() in media/rc (bsc#1208837).
Список пакетов
SUSE Linux Enterprise Live Patching 15 SP4
Ссылки
- Link for SUSE-SU-2023:1975-1
- E-Mail link for SUSE-SU-2023:1975-1
- SUSE Security Ratings
- SUSE Bug 1207822
- SUSE Bug 1208910
- SUSE Bug 1209797
- SUSE CVE CVE-2023-0590 page
- SUSE CVE CVE-2023-1118 page
- SUSE CVE CVE-2023-1652 page
Описание
A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 ("net: sched: fix race condition in qdisc_graft()") not applied yet, then kernel could be affected.
Затронутые продукты
Ссылки
- CVE-2023-0590
- SUSE Bug 1207795
- SUSE Bug 1207822
- SUSE Bug 1211495
- SUSE Bug 1211833
Описание
A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.
Затронутые продукты
Ссылки
- CVE-2023-1118
- SUSE Bug 1208837
- SUSE Bug 1208910
- SUSE Bug 1210423
- SUSE Bug 1211495
- SUSE Bug 1213841
- SUSE Bug 1213842
Описание
A use-after-free flaw was found in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c in the NFS filesystem in the Linux Kernel. This issue could allow a local attacker to crash the system or it may lead to a kernel information leak problem.
Затронутые продукты
Ссылки
- CVE-2023-1652
- SUSE Bug 1209788
- SUSE Bug 1209797