SUSE-SU-2023:3079-1

Опубликовано: 31 июл. 2023

Источник: suse-cvrf

Описание

Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-150400_24_18 fixes several issues.

The following security issues were fixed:

CVE-2023-35788: Fixed an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets in fl_set_geneve_opt in net/sched/cls_flower.c (bsc#1212509).
CVE-2023-2235: Fixed an use-after-free in the Performance Events system can be exploited to achieve local privilege escalation (bsc#1210987).
CVE-2023-2002: Fixed a flaw that allowed an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication (bsc#1210566).

Список пакетов

SUSE Linux Enterprise Live Patching 15 SP4

kernel-livepatch-5_14_21-150400_24_18-default-13-150400.2.2

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20233079-1/
Link for SUSE-SU-2023:3079-1
https://lists.suse.com/pipermail/sle-security-updates/2023-July/015712.html
E-Mail link for SUSE-SU-2023:3079-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1210566
SUSE Bug 1210566
https://bugzilla.suse.com/1210987
SUSE Bug 1210987
https://bugzilla.suse.com/1212509
SUSE Bug 1212509
https://www.suse.com/security/cve/CVE-2023-2002/
SUSE CVE CVE-2023-2002 page
https://www.suse.com/security/cve/CVE-2023-2235/
SUSE CVE CVE-2023-2235 page
https://www.suse.com/security/cve/CVE-2023-35788/
SUSE CVE CVE-2023-35788 page

Описание

A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication.

Затронутые продукты

SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_18-default-13-150400.2.2

Ссылки

https://www.suse.com/security/cve/CVE-2023-2002.html
CVE-2023-2002
https://bugzilla.suse.com/1210533
SUSE Bug 1210533
https://bugzilla.suse.com/1210566
SUSE Bug 1210566

Описание

A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to achieve local privilege escalation. The perf_group_detach function did not check the event's siblings' attach_state before calling add_event_to_groups(), but remove_on_exec made it possible to call list_del_event() on before detaching from their group, making it possible to use a dangling pointer causing a use-after-free vulnerability. We recommend upgrading past commit fd0815f632c24878e325821943edccc7fde947a2.

Затронутые продукты

SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_18-default-13-150400.2.2

Ссылки

https://www.suse.com/security/cve/CVE-2023-2235.html
CVE-2023-2235
https://bugzilla.suse.com/1210986
SUSE Bug 1210986
https://bugzilla.suse.com/1210987
SUSE Bug 1210987

Описание

An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.

Затронутые продукты

SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_18-default-13-150400.2.2

Ссылки

https://www.suse.com/security/cve/CVE-2023-35788.html
CVE-2023-35788
https://bugzilla.suse.com/1212504
SUSE Bug 1212504
https://bugzilla.suse.com/1212509
SUSE Bug 1212509

SUSE-SU-2023:3079-1

Описание

Список пакетов

SUSE Linux Enterprise Live Patching 15 SP4

Ссылки

Уязвимость: CVE-2023-2002

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2023-2235

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2023-35788

Описание

Затронутые продукты

Ссылки