Описание
Security update for the Linux Kernel
The SUSE Linux Enterprise 11 SP4 LTSS EXTREME CORE kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).
- CVE-2023-32269: Fixed a use-after-free in af_netrom.c, related to the fact that accept() was also allowed for a successfully connected AF_NETROM socket (bsc#1211186).
- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).
- CVE-2017-5753: Fixed spectre vulnerability in prlimit (bsc#1209256).
- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).
- CVE-2023-1513: Fixed an uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak (bsc#1209532).
- CVE-2023-28328: Fixed a denial of service issue in az6027 driver in drivers/media/usb/dev-usb/az6027.c (bsc#1209291).
- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).
- CVE-2018-9517: Fixed possible memory corruption due to a use after free in pppol2tp_connect (bsc#1108488).
- CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim() in media/rc (bsc#1208837).
- CVE-2023-23559: Fixed integer overflow in rndis_wlan that leads to a buffer overflow (bsc#1207051).
- CVE-2023-23454: Fixed a type-confusion in the CBQ network scheduler (bsc#1207036).
- CVE-2023-23455: Fixed a denial of service inside atm_tc_enqueue in net/sched/sch_atm.c because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results) (bsc#1207125).
- CVE-2022-3567: Fixed a to race condition in inet6_stream_ops()/inet6_dgram_ops() (bsc#1204414).
The following non-security bugs were fixed:
- Do not sign the vanilla kernel (bsc#1209008).
- do not fallthrough in cbq_classify and stop on TC_ACT_SHOT
Список пакетов
SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
Ссылки
- Link for SUSE-SU-2023:2506-1
- E-Mail link for SUSE-SU-2023:2506-1
- SUSE Security Ratings
- SUSE Bug 1108488
- SUSE Bug 1204414
- SUSE Bug 1207036
- SUSE Bug 1207051
- SUSE Bug 1207125
- SUSE Bug 1207795
- SUSE Bug 1208837
- SUSE Bug 1209008
- SUSE Bug 1209256
- SUSE Bug 1209291
- SUSE Bug 1209532
- SUSE Bug 1209871
- SUSE Bug 1210336
- SUSE Bug 1210647
- SUSE Bug 1211186
- SUSE CVE CVE-2017-5753 page
- SUSE CVE CVE-2018-9517 page
Описание
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Затронутые продукты
Ссылки
- CVE-2017-5753
- SUSE Bug 1068032
- SUSE Bug 1074562
- SUSE Bug 1074578
- SUSE Bug 1074701
- SUSE Bug 1075006
- SUSE Bug 1075419
- SUSE Bug 1075748
- SUSE Bug 1080039
- SUSE Bug 1087084
- SUSE Bug 1087939
- SUSE Bug 1089055
- SUSE Bug 1136865
- SUSE Bug 1178658
- SUSE Bug 1201877
- SUSE Bug 1209547
Описание
In pppol2tp_connect, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-38159931.
Затронутые продукты
Ссылки
- CVE-2018-9517
- SUSE Bug 1108488
Описание
A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function inet6_stream_ops/inet6_dgram_ops of the component IPv6 Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VDB-211090 is the identifier assigned to this vulnerability.
Затронутые продукты
Ссылки
- CVE-2022-3567
- SUSE Bug 1204414
Описание
A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 ("net: sched: fix race condition in qdisc_graft()") not applied yet, then kernel could be affected.
Затронутые продукты
Ссылки
- CVE-2023-0590
- SUSE Bug 1207795
- SUSE Bug 1207822
- SUSE Bug 1211495
- SUSE Bug 1211833
Описание
A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.
Затронутые продукты
Ссылки
- CVE-2023-1118
- SUSE Bug 1208837
- SUSE Bug 1208910
- SUSE Bug 1210423
- SUSE Bug 1211495
- SUSE Bug 1213841
- SUSE Bug 1213842
Описание
A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak.
Затронутые продукты
Ссылки
- CVE-2023-1513
- SUSE Bug 1209532
Описание
A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system.
Затронутые продукты
Ссылки
- CVE-2023-1670
- SUSE Bug 1209871
- SUSE Bug 1222212
Описание
A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.
Затронутые продукты
Ссылки
- CVE-2023-1989
- SUSE Bug 1210336
- SUSE Bug 1210500
- SUSE Bug 1213841
- SUSE Bug 1213842
- SUSE Bug 1214128
Описание
A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.
Затронутые продукты
Ссылки
- CVE-2023-2162
- SUSE Bug 1210647
- SUSE Bug 1210662
- SUSE Bug 1213841
- SUSE Bug 1213842
- SUSE Bug 1214128
- SUSE Bug 1222212
Описание
cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).
Затронутые продукты
Ссылки
- CVE-2023-23454
- SUSE Bug 1207036
- SUSE Bug 1207188
- SUSE Bug 1208030
- SUSE Bug 1208044
- SUSE Bug 1208085
- SUSE Bug 1211833
Описание
atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).
Затронутые продукты
Ссылки
- CVE-2023-23455
- SUSE Bug 1207125
- SUSE Bug 1207189
- SUSE Bug 1211833
Описание
In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.
Затронутые продукты
Ссылки
- CVE-2023-23559
- SUSE Bug 1207051
Описание
A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash the system or potentially cause a denial of service.
Затронутые продукты
Ссылки
- CVE-2023-28328
- SUSE Bug 1209291
- SUSE Bug 1222212
Описание
An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability.
Затронутые продукты
Ссылки
- CVE-2023-32269
- SUSE Bug 1211186