Описание
Security update for the Linux Kernel (Live Patch 16 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.73 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
Список пакетов
SUSE Linux Enterprise Live Patching 15 SP6
Ссылки
- Link for SUSE-SU-2026:0204-1
- E-Mail link for SUSE-SU-2026:0204-1
- SUSE Security Ratings
- SUSE Bug 1251787
- SUSE Bug 1253437
- SUSE CVE CVE-2023-53676 page
- SUSE CVE CVE-2025-40204 page
Описание
In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() The function lio_target_nacl_info_show() uses sprintf() in a loop to print details for every iSCSI connection in a session without checking for the buffer length. With enough iSCSI connections it's possible to overflow the buffer provided by configfs and corrupt the memory. This patch replaces sprintf() with sysfs_emit_at() that checks for buffer boundries.
Затронутые продукты
Ссылки
- CVE-2023-53676
- SUSE Bug 1251786
- SUSE Bug 1251787
Описание
In the Linux kernel, the following vulnerability has been resolved: sctp: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this.
Затронутые продукты
Ссылки
- CVE-2025-40204
- SUSE Bug 1253436
- SUSE Bug 1253437