Описание
Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-150200_24_166 fixes one issue.
The following security issue was fixed:
- CVE-2023-2163: Fixed an incorrect verifier pruning in BPF that could lead to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. (bsc#1215519)
Список пакетов
SUSE Linux Enterprise Live Patching 15 SP2
kernel-livepatch-5_3_18-150200_24_166-default-3-150200.2.1
Ссылки
- Link for SUSE-SU-2023:4835-1
- E-Mail link for SUSE-SU-2023:4835-1
- SUSE Security Ratings
- SUSE Bug 1215519
- SUSE CVE CVE-2023-2163 page
Описание
Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape.
Затронутые продукты
SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_166-default-3-150200.2.1
Ссылки
- CVE-2023-2163
- SUSE Bug 1215518
- SUSE Bug 1215519