Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2023:4159-1

Опубликовано: 23 окт. 2023
Источник: suse-cvrf

Описание

Security update for suse-module-tools

This update for suse-module-tools fixes the following issues:

  • Updated to version 12.13:

    • CVE-2023-1829: Blacklisted the Linux kernel tcindex classifier module (bsc#1210335).
    • CVE-2023-23559: Blacklisted the Linux kernel RNDIS modules (bsc#1205767, jsc#PED-5731).
    • Disabled the isst_if_mbox_msr driver (bsc#1187196).

Список пакетов

Image SLES12-SP5-Azure-BYOS
suse-module-tools-12.13-3.11.1
Image SLES12-SP5-Azure-Basic-On-Demand
suse-module-tools-12.13-3.11.1
Image SLES12-SP5-Azure-HPC-BYOS
suse-module-tools-12.13-3.11.1
Image SLES12-SP5-Azure-HPC-On-Demand
suse-module-tools-12.13-3.11.1
Image SLES12-SP5-Azure-SAP-BYOS
suse-module-tools-12.13-3.11.1
Image SLES12-SP5-Azure-SAP-On-Demand
suse-module-tools-12.13-3.11.1
Image SLES12-SP5-Azure-Standard-On-Demand
suse-module-tools-12.13-3.11.1
Image SLES12-SP5-EC2-BYOS
suse-module-tools-12.13-3.11.1
Image SLES12-SP5-EC2-ECS-On-Demand
suse-module-tools-12.13-3.11.1
Image SLES12-SP5-EC2-On-Demand
suse-module-tools-12.13-3.11.1
Image SLES12-SP5-EC2-SAP-BYOS
suse-module-tools-12.13-3.11.1
Image SLES12-SP5-EC2-SAP-On-Demand
suse-module-tools-12.13-3.11.1
Image SLES12-SP5-GCE-BYOS
suse-module-tools-12.13-3.11.1
Image SLES12-SP5-GCE-On-Demand
suse-module-tools-12.13-3.11.1
Image SLES12-SP5-GCE-SAP-BYOS
suse-module-tools-12.13-3.11.1
Image SLES12-SP5-GCE-SAP-On-Demand
suse-module-tools-12.13-3.11.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
suse-module-tools-12.13-3.11.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
suse-module-tools-12.13-3.11.1
SUSE Linux Enterprise Server 12 SP5
suse-module-tools-12.13-3.11.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
suse-module-tools-12.13-3.11.1

Ссылки

Описание

A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying structure which can later lead to double freeing the structure. A local attacker user can use this vulnerability to elevate its privileges to root. We recommend upgrading past commit 8c710f75256bb3cf05ac7b1672c82b92c43f3d28.

Затронутые продукты
Image SLES12-SP5-Azure-BYOS:suse-module-tools-12.13-3.11.1
Image SLES12-SP5-Azure-Basic-On-Demand:suse-module-tools-12.13-3.11.1
Image SLES12-SP5-Azure-HPC-BYOS:suse-module-tools-12.13-3.11.1
Image SLES12-SP5-Azure-HPC-On-Demand:suse-module-tools-12.13-3.11.1
Ссылки

Описание

In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.

Затронутые продукты
Image SLES12-SP5-Azure-BYOS:suse-module-tools-12.13-3.11.1
Image SLES12-SP5-Azure-Basic-On-Demand:suse-module-tools-12.13-3.11.1
Image SLES12-SP5-Azure-HPC-BYOS:suse-module-tools-12.13-3.11.1
Image SLES12-SP5-Azure-HPC-On-Demand:suse-module-tools-12.13-3.11.1
Ссылки