SUSE-SU-2024:1278-1

Опубликовано: 12 апр. 2024

Источник: suse-cvrf

Описание

Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-150500_55_49 fixes one issue.

The following security issue was fixed:

CVE-2023-52340: Fixed ICMPv6 “Packet Too Big” packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219296).

Список пакетов

SUSE Linux Enterprise Live Patching 15 SP5

kernel-livepatch-5_14_21-150500_55_49-default-2-150500.11.8.1

Ссылки

https://www.suse.com/support/update/announcement/2024/suse-su-20241278-1/
Link for SUSE-SU-2024:1278-1
https://lists.suse.com/pipermail/sle-updates/2024-April/034966.html
E-Mail link for SUSE-SU-2024:1278-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1219296
SUSE Bug 1219296
https://www.suse.com/security/cve/CVE-2023-52340/
SUSE CVE CVE-2023-52340 page

Описание

The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/route.c max_size threshold that can be consumed easily, e.g., leading to a denial of service (network is unreachable errors) when IPv6 packets are sent in a loop via a raw socket.

Затронутые продукты

SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-2-150500.11.8.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-52340.html
CVE-2023-52340
https://bugzilla.suse.com/1219295
SUSE Bug 1219295
https://bugzilla.suse.com/1219296
SUSE Bug 1219296
https://bugzilla.suse.com/1224298
SUSE Bug 1224298
https://bugzilla.suse.com/1224878
SUSE Bug 1224878

SUSE-SU-2024:1278-1

Описание

Список пакетов

SUSE Linux Enterprise Live Patching 15 SP5

Ссылки

Уязвимость: CVE-2023-52340

Описание

Затронутые продукты

Ссылки