SUSE update for the Linux Kernel

Published: 2023-04-10

Risk	Medium
Patch available	YES
Number of vulnerabilities	20
CVE-ID	CVE-2017-5753 CVE-2021-3923 CVE-2022-4744 CVE-2023-0461 CVE-2023-1075 CVE-2023-1076 CVE-2023-1078 CVE-2023-1095 CVE-2023-1281 CVE-2023-1382 CVE-2023-1390 CVE-2023-1513 CVE-2023-1582 CVE-2023-23004 CVE-2023-25012 CVE-2023-28327 CVE-2023-28328 CVE-2023-28464 CVE-2023-28466 CVE-2023-28772
CWE-ID	CWE-200 CWE-401 CWE-415 CWE-416 CWE-843 CWE-787 CWE-476 CWE-835 CWE-665 CWE-362 CWE-119
Exploitation vector	Network
Public exploit	Vulnerability #1 is being exploited in the wild.
Vulnerable software	SUSE Linux Enterprise Live Patching Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 SP2 Business Critical Linux Operating systems & Components / Operating system SUSE Linux Enterprise High Availability Extension 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 SP2 LTSS Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing 15 Operating systems & Components / Operating system SUSE Enterprise Storage Operating systems & Components / Operating system SUSE Manager Server Operating systems & Components / Operating system SUSE Manager Retail Branch Server Operating systems & Components / Operating system SUSE Manager Proxy Operating systems & Components / Operating system reiserfs-kmp-default Operating systems & Components / Operating system package or component reiserfs-kmp-default-debuginfo Operating systems & Components / Operating system package or component kernel-docs Operating systems & Components / Operating system package or component kernel-devel Operating systems & Components / Operating system package or component kernel-source Operating systems & Components / Operating system package or component kernel-macros Operating systems & Components / Operating system package or component kernel-default-base Operating systems & Components / Operating system package or component kernel-default-devel Operating systems & Components / Operating system package or component kernel-preempt-devel Operating systems & Components / Operating system package or component kernel-syms Operating systems & Components / Operating system package or component kernel-obs-build Operating systems & Components / Operating system package or component kernel-default-devel-debuginfo Operating systems & Components / Operating system package or component kernel-obs-build-debugsource Operating systems & Components / Operating system package or component kernel-preempt-devel-debuginfo Operating systems & Components / Operating system package or component kernel-preempt-debugsource Operating systems & Components / Operating system package or component kernel-preempt-debuginfo Operating systems & Components / Operating system package or component kernel-preempt Operating systems & Components / Operating system package or component ocfs2-kmp-default Operating systems & Components / Operating system package or component dlm-kmp-default-debuginfo Operating systems & Components / Operating system package or component cluster-md-kmp-default-debuginfo Operating systems & Components / Operating system package or component ocfs2-kmp-default-debuginfo Operating systems & Components / Operating system package or component gfs2-kmp-default-debuginfo Operating systems & Components / Operating system package or component cluster-md-kmp-default Operating systems & Components / Operating system package or component gfs2-kmp-default Operating systems & Components / Operating system package or component dlm-kmp-default Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-150200_24_148-default-debuginfo Operating systems & Components / Operating system package or component kernel-default-livepatch Operating systems & Components / Operating system package or component kernel-default-livepatch-devel Operating systems & Components / Operating system package or component kernel-default-debugsource Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-150200_24_148-default Operating systems & Components / Operating system package or component kernel-livepatch-SLE15-SP2_Update_35-debugsource Operating systems & Components / Operating system package or component kernel-default-debuginfo Operating systems & Components / Operating system package or component kernel-default Operating systems & Components / Operating system package or component
Vendor	SUSE

Security Bulletin

This security bulletin contains information about 20 vulnerabilities.

1) Information disclosure

EUVDB-ID: #VU9884

Risk: Low

CVSSv4.0: 6.8 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:A/U:Clear]

CVE-ID: CVE-2017-5753

CWE-ID: CWE-200 - Information exposure

Exploit availability: Yes

Description

The vulnerability allows a local attacker to obtain potentially sensitive information.

The vulnerability exists in Intel CPU hardware due to improper implementation of the speculative execution of instructions. A local attacker can perform a bounds check bypass, execute arbitrary code, conduct a side-channel attack and read sensitive memory information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Enterprise Storage: 7.1

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default: before 5.3.18-150200.24.148.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-docs: before 5.3.18-150200.24.148.1

kernel-devel: before 5.3.18-150200.24.148.1

kernel-source: before 5.3.18-150200.24.148.1

kernel-macros: before 5.3.18-150200.24.148.1

kernel-default-base: before 5.3.18-150200.24.148.1.150200.9.71.1

kernel-default-devel: before 5.3.18-150200.24.148.1

kernel-preempt-devel: before 5.3.18-150200.24.148.1

kernel-syms: before 5.3.18-150200.24.148.1

kernel-obs-build: before 5.3.18-150200.24.148.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt: before 5.3.18-150200.24.148.1

ocfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default: before 5.3.18-150200.24.148.1

gfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default-debuginfo: before 1-150200.5.3.1

kernel-default-livepatch: before 5.3.18-150200.24.148.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.148.1

kernel-default-debugsource: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default: before 1-150200.5.3.1

kernel-livepatch-SLE15-SP2_Update_35-debugsource: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-default: before 5.3.18-150200.24.148.1

CPE2.3

External links

https://www.suse.com/support/update/announcement/2023/suse-su-20231800-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

2) Memory leak

EUVDB-ID: #VU74626

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-3923

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due memory leak within RDMA over infiniband implementation in Linux kernel. A local user can force the application to leak memory by sensing commands to the /dev/infiniband/rdma_cm device node and gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Enterprise Storage: 7.1

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default: before 5.3.18-150200.24.148.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-docs: before 5.3.18-150200.24.148.1

kernel-devel: before 5.3.18-150200.24.148.1

kernel-source: before 5.3.18-150200.24.148.1

kernel-macros: before 5.3.18-150200.24.148.1

kernel-default-base: before 5.3.18-150200.24.148.1.150200.9.71.1

kernel-default-devel: before 5.3.18-150200.24.148.1

kernel-preempt-devel: before 5.3.18-150200.24.148.1

kernel-syms: before 5.3.18-150200.24.148.1

kernel-obs-build: before 5.3.18-150200.24.148.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt: before 5.3.18-150200.24.148.1

ocfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default: before 5.3.18-150200.24.148.1

gfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default-debuginfo: before 1-150200.5.3.1

kernel-default-livepatch: before 5.3.18-150200.24.148.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.148.1

kernel-default-debugsource: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default: before 1-150200.5.3.1

kernel-livepatch-SLE15-SP2_Update_35-debugsource: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-default: before 5.3.18-150200.24.148.1

CPE2.3

External links

https://www.suse.com/support/update/announcement/2023/suse-su-20231800-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Double Free

EUVDB-ID: #VU74053

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-4744

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the tun_free_netdev() function in the Linux kernel’s TUN/TAP device driver. A local user can trigger a double free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Enterprise Storage: 7.1

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default: before 5.3.18-150200.24.148.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-docs: before 5.3.18-150200.24.148.1

kernel-devel: before 5.3.18-150200.24.148.1

kernel-source: before 5.3.18-150200.24.148.1

kernel-macros: before 5.3.18-150200.24.148.1

kernel-default-base: before 5.3.18-150200.24.148.1.150200.9.71.1

kernel-default-devel: before 5.3.18-150200.24.148.1

kernel-preempt-devel: before 5.3.18-150200.24.148.1

kernel-syms: before 5.3.18-150200.24.148.1

kernel-obs-build: before 5.3.18-150200.24.148.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt: before 5.3.18-150200.24.148.1

ocfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default: before 5.3.18-150200.24.148.1

gfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default-debuginfo: before 1-150200.5.3.1

kernel-default-livepatch: before 5.3.18-150200.24.148.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.148.1

kernel-default-debugsource: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default: before 1-150200.5.3.1

kernel-livepatch-SLE15-SP2_Update_35-debugsource: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-default: before 5.3.18-150200.24.148.1

CPE2.3

External links

https://www.suse.com/support/update/announcement/2023/suse-su-20231800-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Use-after-free

EUVDB-ID: #VU72506

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-0461

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the Upper Level Protocol (ULP) subsystem in Linux kernel caused by improper handling of sockets entering the LISTEN state in certain protocols. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Enterprise Storage: 7.1

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default: before 5.3.18-150200.24.148.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-docs: before 5.3.18-150200.24.148.1

kernel-devel: before 5.3.18-150200.24.148.1

kernel-source: before 5.3.18-150200.24.148.1

kernel-macros: before 5.3.18-150200.24.148.1

kernel-default-base: before 5.3.18-150200.24.148.1.150200.9.71.1

kernel-default-devel: before 5.3.18-150200.24.148.1

kernel-preempt-devel: before 5.3.18-150200.24.148.1

kernel-syms: before 5.3.18-150200.24.148.1

kernel-obs-build: before 5.3.18-150200.24.148.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt: before 5.3.18-150200.24.148.1

ocfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default: before 5.3.18-150200.24.148.1

gfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default-debuginfo: before 1-150200.5.3.1

kernel-default-livepatch: before 5.3.18-150200.24.148.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.148.1

kernel-default-debugsource: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default: before 1-150200.5.3.1

kernel-livepatch-SLE15-SP2_Update_35-debugsource: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-default: before 5.3.18-150200.24.148.1

CPE2.3

External links

https://www.suse.com/support/update/announcement/2023/suse-su-20231800-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Type Confusion

EUVDB-ID: #VU72700

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-1075

CWE-ID: CWE-843 - Type confusion

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a type confusion error within the tls_is_tx_ready() function in the net/tls stack of the Linux Kernel. A local user can trigger a type confusion error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Enterprise Storage: 7.1

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default: before 5.3.18-150200.24.148.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-docs: before 5.3.18-150200.24.148.1

kernel-devel: before 5.3.18-150200.24.148.1

kernel-source: before 5.3.18-150200.24.148.1

kernel-macros: before 5.3.18-150200.24.148.1

kernel-default-base: before 5.3.18-150200.24.148.1.150200.9.71.1

kernel-default-devel: before 5.3.18-150200.24.148.1

kernel-preempt-devel: before 5.3.18-150200.24.148.1

kernel-syms: before 5.3.18-150200.24.148.1

kernel-obs-build: before 5.3.18-150200.24.148.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt: before 5.3.18-150200.24.148.1

ocfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default: before 5.3.18-150200.24.148.1

gfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default-debuginfo: before 1-150200.5.3.1

kernel-default-livepatch: before 5.3.18-150200.24.148.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.148.1

kernel-default-debugsource: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default: before 1-150200.5.3.1

kernel-livepatch-SLE15-SP2_Update_35-debugsource: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-default: before 5.3.18-150200.24.148.1

CPE2.3

External links

https://www.suse.com/support/update/announcement/2023/suse-su-20231800-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Type Confusion

EUVDB-ID: #VU72742

Risk: Low

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-1076

CWE-ID: CWE-843 - Type confusion

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a type confusion error during initialization of TUN/TAP sockets. A local user can trigger a type confusion error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Enterprise Storage: 7.1

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default: before 5.3.18-150200.24.148.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-docs: before 5.3.18-150200.24.148.1

kernel-devel: before 5.3.18-150200.24.148.1

kernel-source: before 5.3.18-150200.24.148.1

kernel-macros: before 5.3.18-150200.24.148.1

kernel-default-base: before 5.3.18-150200.24.148.1.150200.9.71.1

kernel-default-devel: before 5.3.18-150200.24.148.1

kernel-preempt-devel: before 5.3.18-150200.24.148.1

kernel-syms: before 5.3.18-150200.24.148.1

kernel-obs-build: before 5.3.18-150200.24.148.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt: before 5.3.18-150200.24.148.1

ocfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default: before 5.3.18-150200.24.148.1

gfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default-debuginfo: before 1-150200.5.3.1

kernel-default-livepatch: before 5.3.18-150200.24.148.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.148.1

kernel-default-debugsource: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default: before 1-150200.5.3.1

kernel-livepatch-SLE15-SP2_Update_35-debugsource: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-default: before 5.3.18-150200.24.148.1

CPE2.3

External links

https://www.suse.com/support/update/announcement/2023/suse-su-20231800-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Out-of-bounds write

EUVDB-ID: #VU74054

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-1078

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the rds_rm_zerocopy_callback() function in Linux kernel RDS (Reliable Datagram Sockets) protocol. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Enterprise Storage: 7.1

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default: before 5.3.18-150200.24.148.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-docs: before 5.3.18-150200.24.148.1

kernel-devel: before 5.3.18-150200.24.148.1

kernel-source: before 5.3.18-150200.24.148.1

kernel-macros: before 5.3.18-150200.24.148.1

kernel-default-base: before 5.3.18-150200.24.148.1.150200.9.71.1

kernel-default-devel: before 5.3.18-150200.24.148.1

kernel-preempt-devel: before 5.3.18-150200.24.148.1

kernel-syms: before 5.3.18-150200.24.148.1

kernel-obs-build: before 5.3.18-150200.24.148.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt: before 5.3.18-150200.24.148.1

ocfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default: before 5.3.18-150200.24.148.1

gfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default-debuginfo: before 1-150200.5.3.1

kernel-default-livepatch: before 5.3.18-150200.24.148.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.148.1

kernel-default-debugsource: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default: before 1-150200.5.3.1

kernel-livepatch-SLE15-SP2_Update_35-debugsource: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-default: before 5.3.18-150200.24.148.1

CPE2.3

External links

https://www.suse.com/support/update/announcement/2023/suse-su-20231800-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) NULL pointer dereference

EUVDB-ID: #VU73783

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-1095

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the nf_tables_updtable() function within the netfilter subsystem. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Enterprise Storage: 7.1

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default: before 5.3.18-150200.24.148.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-docs: before 5.3.18-150200.24.148.1

kernel-devel: before 5.3.18-150200.24.148.1

kernel-source: before 5.3.18-150200.24.148.1

kernel-macros: before 5.3.18-150200.24.148.1

kernel-default-base: before 5.3.18-150200.24.148.1.150200.9.71.1

kernel-default-devel: before 5.3.18-150200.24.148.1

kernel-preempt-devel: before 5.3.18-150200.24.148.1

kernel-syms: before 5.3.18-150200.24.148.1

kernel-obs-build: before 5.3.18-150200.24.148.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt: before 5.3.18-150200.24.148.1

ocfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default: before 5.3.18-150200.24.148.1

gfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default-debuginfo: before 1-150200.5.3.1

kernel-default-livepatch: before 5.3.18-150200.24.148.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.148.1

kernel-default-debugsource: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default: before 1-150200.5.3.1

kernel-livepatch-SLE15-SP2_Update_35-debugsource: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-default: before 5.3.18-150200.24.148.1

CPE2.3

External links

https://www.suse.com/support/update/announcement/2023/suse-su-20231800-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Use-after-free

EUVDB-ID: #VU74122

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-1281

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in Linux kernel traffic control index filter (tcindex) when the tcf_exts_exec() function is called with the destroyed tcf_ext. A local user attacker can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Enterprise Storage: 7.1

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default: before 5.3.18-150200.24.148.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-docs: before 5.3.18-150200.24.148.1

kernel-devel: before 5.3.18-150200.24.148.1

kernel-source: before 5.3.18-150200.24.148.1

kernel-macros: before 5.3.18-150200.24.148.1

kernel-default-base: before 5.3.18-150200.24.148.1.150200.9.71.1

kernel-default-devel: before 5.3.18-150200.24.148.1

kernel-preempt-devel: before 5.3.18-150200.24.148.1

kernel-syms: before 5.3.18-150200.24.148.1

kernel-obs-build: before 5.3.18-150200.24.148.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt: before 5.3.18-150200.24.148.1

ocfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default: before 5.3.18-150200.24.148.1

gfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default-debuginfo: before 1-150200.5.3.1

kernel-default-livepatch: before 5.3.18-150200.24.148.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.148.1

kernel-default-debugsource: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default: before 1-150200.5.3.1

kernel-livepatch-SLE15-SP2_Update_35-debugsource: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-default: before 5.3.18-150200.24.148.1

CPE2.3

External links

https://www.suse.com/support/update/announcement/2023/suse-su-20231800-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) NULL pointer dereference

EUVDB-ID: #VU74550

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-1382

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in net/tipc/topsrv.c within the TIPC protocol implementation in the Linux kernel. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Enterprise Storage: 7.1

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default: before 5.3.18-150200.24.148.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-docs: before 5.3.18-150200.24.148.1

kernel-devel: before 5.3.18-150200.24.148.1

kernel-source: before 5.3.18-150200.24.148.1

kernel-macros: before 5.3.18-150200.24.148.1

kernel-default-base: before 5.3.18-150200.24.148.1.150200.9.71.1

kernel-default-devel: before 5.3.18-150200.24.148.1

kernel-preempt-devel: before 5.3.18-150200.24.148.1

kernel-syms: before 5.3.18-150200.24.148.1

kernel-obs-build: before 5.3.18-150200.24.148.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt: before 5.3.18-150200.24.148.1

ocfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default: before 5.3.18-150200.24.148.1

gfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default-debuginfo: before 1-150200.5.3.1

kernel-default-livepatch: before 5.3.18-150200.24.148.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.148.1

kernel-default-debugsource: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default: before 1-150200.5.3.1

kernel-livepatch-SLE15-SP2_Update_35-debugsource: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-default: before 5.3.18-150200.24.148.1

CPE2.3

External links

https://www.suse.com/support/update/announcement/2023/suse-su-20231800-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Infinite loop

EUVDB-ID: #VU74631

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-1390

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop in tipc_link_xmit() within the Linux kernel TIPC kernel module when parsing UDp packets. A remote attacker can send two small UDP packets to a system with a UDP bearer and consume all available CPU resources.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Enterprise Storage: 7.1

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default: before 5.3.18-150200.24.148.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-docs: before 5.3.18-150200.24.148.1

kernel-devel: before 5.3.18-150200.24.148.1

kernel-source: before 5.3.18-150200.24.148.1

kernel-macros: before 5.3.18-150200.24.148.1

kernel-default-base: before 5.3.18-150200.24.148.1.150200.9.71.1

kernel-default-devel: before 5.3.18-150200.24.148.1

kernel-preempt-devel: before 5.3.18-150200.24.148.1

kernel-syms: before 5.3.18-150200.24.148.1

kernel-obs-build: before 5.3.18-150200.24.148.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt: before 5.3.18-150200.24.148.1

ocfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default: before 5.3.18-150200.24.148.1

gfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default-debuginfo: before 1-150200.5.3.1

kernel-default-livepatch: before 5.3.18-150200.24.148.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.148.1

kernel-default-debugsource: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default: before 1-150200.5.3.1

kernel-livepatch-SLE15-SP2_Update_35-debugsource: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-default: before 5.3.18-150200.24.148.1

CPE2.3

External links

https://www.suse.com/support/update/announcement/2023/suse-su-20231800-1/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Improper Initialization

EUVDB-ID: #VU74630

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-1513

CWE-ID: CWE-665 - Improper Initialization

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to improper initialization when calling the KVM_GET_DEBUGREGS ioctl on 32-bit systems. A local user can run a specially crafted application to gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Enterprise Storage: 7.1

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default: before 5.3.18-150200.24.148.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-docs: before 5.3.18-150200.24.148.1

kernel-devel: before 5.3.18-150200.24.148.1

kernel-source: before 5.3.18-150200.24.148.1

kernel-macros: before 5.3.18-150200.24.148.1

kernel-default-base: before 5.3.18-150200.24.148.1.150200.9.71.1

kernel-default-devel: before 5.3.18-150200.24.148.1

kernel-preempt-devel: before 5.3.18-150200.24.148.1

kernel-syms: before 5.3.18-150200.24.148.1

kernel-obs-build: before 5.3.18-150200.24.148.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt: before 5.3.18-150200.24.148.1

ocfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default: before 5.3.18-150200.24.148.1

gfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default-debuginfo: before 1-150200.5.3.1

kernel-default-livepatch: before 5.3.18-150200.24.148.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.148.1

kernel-default-debugsource: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default: before 1-150200.5.3.1

kernel-livepatch-SLE15-SP2_Update_35-debugsource: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-default: before 5.3.18-150200.24.148.1

CPE2.3

External links

https://www.suse.com/support/update/announcement/2023/suse-su-20231800-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Race condition

EUVDB-ID: #VU74629

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-1582

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition within fs/proc/task_mmu.c. A local user can exploit the race and crash the kernel.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Enterprise Storage: 7.1

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default: before 5.3.18-150200.24.148.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-docs: before 5.3.18-150200.24.148.1

kernel-devel: before 5.3.18-150200.24.148.1

kernel-source: before 5.3.18-150200.24.148.1

kernel-macros: before 5.3.18-150200.24.148.1

kernel-default-base: before 5.3.18-150200.24.148.1.150200.9.71.1

kernel-default-devel: before 5.3.18-150200.24.148.1

kernel-preempt-devel: before 5.3.18-150200.24.148.1

kernel-syms: before 5.3.18-150200.24.148.1

kernel-obs-build: before 5.3.18-150200.24.148.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt: before 5.3.18-150200.24.148.1

ocfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default: before 5.3.18-150200.24.148.1

gfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default-debuginfo: before 1-150200.5.3.1

kernel-default-livepatch: before 5.3.18-150200.24.148.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.148.1

kernel-default-debugsource: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default: before 1-150200.5.3.1

kernel-livepatch-SLE15-SP2_Update_35-debugsource: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-default: before 5.3.18-150200.24.148.1

CPE2.3

External links

https://www.suse.com/support/update/announcement/2023/suse-su-20231800-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) NULL pointer dereference

EUVDB-ID: #VU73773

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-23004

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the get_sg_table() function in drivers/gpu/drm/arm/malidp_planes.c. A local user can pass specially crafted data to the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Enterprise Storage: 7.1

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default: before 5.3.18-150200.24.148.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-docs: before 5.3.18-150200.24.148.1

kernel-devel: before 5.3.18-150200.24.148.1

kernel-source: before 5.3.18-150200.24.148.1

kernel-macros: before 5.3.18-150200.24.148.1

kernel-default-base: before 5.3.18-150200.24.148.1.150200.9.71.1

kernel-default-devel: before 5.3.18-150200.24.148.1

kernel-preempt-devel: before 5.3.18-150200.24.148.1

kernel-syms: before 5.3.18-150200.24.148.1

kernel-obs-build: before 5.3.18-150200.24.148.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt: before 5.3.18-150200.24.148.1

ocfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default: before 5.3.18-150200.24.148.1

gfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default-debuginfo: before 1-150200.5.3.1

kernel-default-livepatch: before 5.3.18-150200.24.148.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.148.1

kernel-default-debugsource: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default: before 1-150200.5.3.1

kernel-livepatch-SLE15-SP2_Update_35-debugsource: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-default: before 5.3.18-150200.24.148.1

CPE2.3

External links

https://www.suse.com/support/update/announcement/2023/suse-su-20231800-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Use-after-free

EUVDB-ID: #VU71764

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-25012

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows an attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the bigben_remove() function in drivers/hid/hid-bigbenff.c. An attacker with physical access to the system can attach a specially crafted USB device to the system and cause a denial of service condition.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Enterprise Storage: 7.1

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default: before 5.3.18-150200.24.148.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-docs: before 5.3.18-150200.24.148.1

kernel-devel: before 5.3.18-150200.24.148.1

kernel-source: before 5.3.18-150200.24.148.1

kernel-macros: before 5.3.18-150200.24.148.1

kernel-default-base: before 5.3.18-150200.24.148.1.150200.9.71.1

kernel-default-devel: before 5.3.18-150200.24.148.1

kernel-preempt-devel: before 5.3.18-150200.24.148.1

kernel-syms: before 5.3.18-150200.24.148.1

kernel-obs-build: before 5.3.18-150200.24.148.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt: before 5.3.18-150200.24.148.1

ocfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default: before 5.3.18-150200.24.148.1

gfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default-debuginfo: before 1-150200.5.3.1

kernel-default-livepatch: before 5.3.18-150200.24.148.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.148.1

kernel-default-debugsource: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default: before 1-150200.5.3.1

kernel-livepatch-SLE15-SP2_Update_35-debugsource: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-default: before 5.3.18-150200.24.148.1

CPE2.3

External links

https://www.suse.com/support/update/announcement/2023/suse-su-20231800-1/

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) NULL pointer dereference

EUVDB-ID: #VU74772

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-28327

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the unix_diag_get_exact() function in net/unix/diag.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Enterprise Storage: 7.1

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default: before 5.3.18-150200.24.148.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-docs: before 5.3.18-150200.24.148.1

kernel-devel: before 5.3.18-150200.24.148.1

kernel-source: before 5.3.18-150200.24.148.1

kernel-macros: before 5.3.18-150200.24.148.1

kernel-default-base: before 5.3.18-150200.24.148.1.150200.9.71.1

kernel-default-devel: before 5.3.18-150200.24.148.1

kernel-preempt-devel: before 5.3.18-150200.24.148.1

kernel-syms: before 5.3.18-150200.24.148.1

kernel-obs-build: before 5.3.18-150200.24.148.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt: before 5.3.18-150200.24.148.1

ocfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default: before 5.3.18-150200.24.148.1

gfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default-debuginfo: before 1-150200.5.3.1

kernel-default-livepatch: before 5.3.18-150200.24.148.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.148.1

kernel-default-debugsource: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default: before 1-150200.5.3.1

kernel-livepatch-SLE15-SP2_Update_35-debugsource: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-default: before 5.3.18-150200.24.148.1

CPE2.3

External links

https://www.suse.com/support/update/announcement/2023/suse-su-20231800-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) NULL pointer dereference

EUVDB-ID: #VU74126

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-28328

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. A local user can pass specially crafted data to the application and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Enterprise Storage: 7.1

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default: before 5.3.18-150200.24.148.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-docs: before 5.3.18-150200.24.148.1

kernel-devel: before 5.3.18-150200.24.148.1

kernel-source: before 5.3.18-150200.24.148.1

kernel-macros: before 5.3.18-150200.24.148.1

kernel-default-base: before 5.3.18-150200.24.148.1.150200.9.71.1

kernel-default-devel: before 5.3.18-150200.24.148.1

kernel-preempt-devel: before 5.3.18-150200.24.148.1

kernel-syms: before 5.3.18-150200.24.148.1

kernel-obs-build: before 5.3.18-150200.24.148.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt: before 5.3.18-150200.24.148.1

ocfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default: before 5.3.18-150200.24.148.1

gfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default-debuginfo: before 1-150200.5.3.1

kernel-default-livepatch: before 5.3.18-150200.24.148.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.148.1

kernel-default-debugsource: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default: before 1-150200.5.3.1

kernel-livepatch-SLE15-SP2_Update_35-debugsource: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-default: before 5.3.18-150200.24.148.1

CPE2.3

External links

https://www.suse.com/support/update/announcement/2023/suse-su-20231800-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Double Free

EUVDB-ID: #VU74147

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-28464

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the hci_conn_cleanup() function in net/bluetooth/hci_conn.c in Linux kernel. A local user can trigger a double free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Enterprise Storage: 7.1

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default: before 5.3.18-150200.24.148.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-docs: before 5.3.18-150200.24.148.1

kernel-devel: before 5.3.18-150200.24.148.1

kernel-source: before 5.3.18-150200.24.148.1

kernel-macros: before 5.3.18-150200.24.148.1

kernel-default-base: before 5.3.18-150200.24.148.1.150200.9.71.1

kernel-default-devel: before 5.3.18-150200.24.148.1

kernel-preempt-devel: before 5.3.18-150200.24.148.1

kernel-syms: before 5.3.18-150200.24.148.1

kernel-obs-build: before 5.3.18-150200.24.148.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt: before 5.3.18-150200.24.148.1

ocfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default: before 5.3.18-150200.24.148.1

gfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default-debuginfo: before 1-150200.5.3.1

kernel-default-livepatch: before 5.3.18-150200.24.148.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.148.1

kernel-default-debugsource: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default: before 1-150200.5.3.1

kernel-livepatch-SLE15-SP2_Update_35-debugsource: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-default: before 5.3.18-150200.24.148.1

CPE2.3

External links

https://www.suse.com/support/update/announcement/2023/suse-su-20231800-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Race condition

EUVDB-ID: #VU74628

Risk: Low

CVSSv4.0: 4.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-28466

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition caused by a missing lock_sock call within the do_tls_getsockopt() function in net/tls/tls_main.c. A local user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Enterprise Storage: 7.1

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default: before 5.3.18-150200.24.148.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-docs: before 5.3.18-150200.24.148.1

kernel-devel: before 5.3.18-150200.24.148.1

kernel-source: before 5.3.18-150200.24.148.1

kernel-macros: before 5.3.18-150200.24.148.1

kernel-default-base: before 5.3.18-150200.24.148.1.150200.9.71.1

kernel-default-devel: before 5.3.18-150200.24.148.1

kernel-preempt-devel: before 5.3.18-150200.24.148.1

kernel-syms: before 5.3.18-150200.24.148.1

kernel-obs-build: before 5.3.18-150200.24.148.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt: before 5.3.18-150200.24.148.1

ocfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default: before 5.3.18-150200.24.148.1

gfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default-debuginfo: before 1-150200.5.3.1

kernel-default-livepatch: before 5.3.18-150200.24.148.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.148.1

kernel-default-debugsource: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default: before 1-150200.5.3.1

kernel-livepatch-SLE15-SP2_Update_35-debugsource: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-default: before 5.3.18-150200.24.148.1

CPE2.3

External links

https://www.suse.com/support/update/announcement/2023/suse-su-20231800-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Buffer overflow

EUVDB-ID: #VU74627

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-28772

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the seq_buf_putmem_hex() function in lib/seq_buf.c. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Enterprise Storage: 7.1

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default: before 5.3.18-150200.24.148.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-docs: before 5.3.18-150200.24.148.1

kernel-devel: before 5.3.18-150200.24.148.1

kernel-source: before 5.3.18-150200.24.148.1

kernel-macros: before 5.3.18-150200.24.148.1

kernel-default-base: before 5.3.18-150200.24.148.1.150200.9.71.1

kernel-default-devel: before 5.3.18-150200.24.148.1

kernel-preempt-devel: before 5.3.18-150200.24.148.1

kernel-syms: before 5.3.18-150200.24.148.1

kernel-obs-build: before 5.3.18-150200.24.148.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt-debugsource: before 5.3.18-150200.24.148.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.148.1

kernel-preempt: before 5.3.18-150200.24.148.1

ocfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.148.1

cluster-md-kmp-default: before 5.3.18-150200.24.148.1

gfs2-kmp-default: before 5.3.18-150200.24.148.1

dlm-kmp-default: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default-debuginfo: before 1-150200.5.3.1

kernel-default-livepatch: before 5.3.18-150200.24.148.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.148.1

kernel-default-debugsource: before 5.3.18-150200.24.148.1

kernel-livepatch-5_3_18-150200_24_148-default: before 1-150200.5.3.1

kernel-livepatch-SLE15-SP2_Update_35-debugsource: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.148.1

kernel-default: before 5.3.18-150200.24.148.1

CPE2.3

External links

https://www.suse.com/support/update/announcement/2023/suse-su-20231800-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.