SUSE-SU-2023:3819-1

Опубликовано: 27 сент. 2023

Источник: suse-cvrf

Описание

Security update for busybox

This update for busybox fixes the following issues:

CVE-2022-48174: Fixed stack overflow vulnerability. (bsc#1214538)

Список пакетов

SUSE Enterprise Storage 7

busybox-1.35.0-150000.4.20.1

busybox-static-1.35.0-150000.4.20.1

SUSE Enterprise Storage 7.1

busybox-1.35.0-150000.4.20.1

busybox-static-1.35.0-150000.4.20.1

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

busybox-1.35.0-150000.4.20.1

busybox-static-1.35.0-150000.4.20.1

SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS

busybox-1.35.0-150000.4.20.1

busybox-static-1.35.0-150000.4.20.1

SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS

busybox-1.35.0-150000.4.20.1

busybox-static-1.35.0-150000.4.20.1

SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

busybox-1.35.0-150000.4.20.1

busybox-static-1.35.0-150000.4.20.1

SUSE Linux Enterprise Server 15 SP1-LTSS

busybox-1.35.0-150000.4.20.1

busybox-static-1.35.0-150000.4.20.1

SUSE Linux Enterprise Server 15 SP2-LTSS

busybox-1.35.0-150000.4.20.1

busybox-static-1.35.0-150000.4.20.1

SUSE Linux Enterprise Server 15 SP3-LTSS

busybox-1.35.0-150000.4.20.1

busybox-static-1.35.0-150000.4.20.1

SUSE Linux Enterprise Server for SAP Applications 15 SP1

busybox-1.35.0-150000.4.20.1

busybox-static-1.35.0-150000.4.20.1

SUSE Linux Enterprise Server for SAP Applications 15 SP2

busybox-1.35.0-150000.4.20.1

busybox-static-1.35.0-150000.4.20.1

SUSE Linux Enterprise Server for SAP Applications 15 SP3

busybox-1.35.0-150000.4.20.1

busybox-static-1.35.0-150000.4.20.1

SUSE Manager Proxy 4.2

busybox-1.35.0-150000.4.20.1

busybox-static-1.35.0-150000.4.20.1

SUSE Manager Server 4.2

busybox-1.35.0-150000.4.20.1

busybox-static-1.35.0-150000.4.20.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20233819-1/
Link for SUSE-SU-2023:3819-1
https://lists.suse.com/pipermail/sle-updates/2023-September/031746.html
E-Mail link for SUSE-SU-2023:3819-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1214538
SUSE Bug 1214538
https://www.suse.com/security/cve/CVE-2022-48174/
SUSE CVE CVE-2022-48174 page

Описание

There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Internet of Vehicles, this vulnerability can be executed from command to arbitrary code execution.

Затронутые продукты

SUSE Enterprise Storage 7.1:busybox-1.35.0-150000.4.20.1

SUSE Enterprise Storage 7.1:busybox-static-1.35.0-150000.4.20.1

SUSE Enterprise Storage 7:busybox-1.35.0-150000.4.20.1

SUSE Enterprise Storage 7:busybox-static-1.35.0-150000.4.20.1

Ссылки

https://www.suse.com/security/cve/CVE-2022-48174.html
CVE-2022-48174
https://bugzilla.suse.com/1214538
SUSE Bug 1214538
https://bugzilla.suse.com/1224426
SUSE Bug 1224426
https://bugzilla.suse.com/1225678
SUSE Bug 1225678

SUSE-SU-2023:3819-1

Описание

Список пакетов

SUSE Enterprise Storage 7

SUSE Enterprise Storage 7.1

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS

SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

SUSE Linux Enterprise Server 15 SP1-LTSS

SUSE Linux Enterprise Server 15 SP2-LTSS

SUSE Linux Enterprise Server 15 SP3-LTSS

SUSE Linux Enterprise Server for SAP Applications 15 SP1

SUSE Linux Enterprise Server for SAP Applications 15 SP2

SUSE Linux Enterprise Server for SAP Applications 15 SP3

SUSE Manager Proxy 4.2

SUSE Manager Server 4.2

Ссылки

Уязвимость: CVE-2022-48174

Описание

Затронутые продукты

Ссылки