SUSE-SU-2023:2032-1

Опубликовано: 26 апр. 2023

Источник: suse-cvrf

Описание

Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-150400_24_55 fixes one issue.

The following security issue was fixed:

CVE-2023-1652: Fixed use-after-free that could lead to DoS and information leak in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c (bsc#1209788).

Список пакетов

SUSE Linux Enterprise Live Patching 15 SP4

kernel-livepatch-5_14_21-150400_24_55-default-2-150400.2.2

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20232032-1/
Link for SUSE-SU-2023:2032-1
https://lists.suse.com/pipermail/sle-security-updates/2023-April/014586.html
E-Mail link for SUSE-SU-2023:2032-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1209797
SUSE Bug 1209797
https://www.suse.com/security/cve/CVE-2023-1652/
SUSE CVE CVE-2023-1652 page

Описание

A use-after-free flaw was found in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c in the NFS filesystem in the Linux Kernel. This issue could allow a local attacker to crash the system or it may lead to a kernel information leak problem.

Затронутые продукты

SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_55-default-2-150400.2.2

Ссылки

https://www.suse.com/security/cve/CVE-2023-1652.html
CVE-2023-1652
https://bugzilla.suse.com/1209788
SUSE Bug 1209788
https://bugzilla.suse.com/1209797
SUSE Bug 1209797

SUSE-SU-2023:2032-1

Описание

Список пакетов

SUSE Linux Enterprise Live Patching 15 SP4

Ссылки

Уязвимость: CVE-2023-1652

Описание

Затронутые продукты

Ссылки