SUSE update for the Linux Kernel



| Updated: 2023-06-18
Risk Medium
Patch available YES
Number of vulnerabilities 62
CVE-ID CVE-2017-13695
CVE-2018-7755
CVE-2019-3837
CVE-2019-3900
CVE-2020-15393
CVE-2020-16119
CVE-2020-36557
CVE-2020-36558
CVE-2021-26341
CVE-2021-33655
CVE-2021-33656
CVE-2021-34981
CVE-2021-39713
CVE-2021-45868
CVE-2022-1011
CVE-2022-1048
CVE-2022-1353
CVE-2022-1462
CVE-2022-1652
CVE-2022-1679
CVE-2022-20132
CVE-2022-20166
CVE-2022-20368
CVE-2022-20369
CVE-2022-21123
CVE-2022-21125
CVE-2022-21127
CVE-2022-21166
CVE-2022-21180
CVE-2022-21385
CVE-2022-21499
CVE-2022-2318
CVE-2022-2663
CVE-2022-28356
CVE-2022-29900
CVE-2022-29901
CVE-2022-3028
CVE-2022-3303
CVE-2022-33981
CVE-2022-3424
CVE-2022-3524
CVE-2022-3565
CVE-2022-3566
CVE-2022-3586
CVE-2022-3621
CVE-2022-3635
CVE-2022-3646
CVE-2022-3649
CVE-2022-36879
CVE-2022-36946
CVE-2022-3903
CVE-2022-39188
CVE-2022-40768
CVE-2022-4095
CVE-2022-41218
CVE-2022-41848
CVE-2022-41850
CVE-2022-41858
CVE-2022-43750
CVE-2022-44032
CVE-2022-44033
CVE-2022-45934
CWE-ID CWE-200
CWE-264
CWE-362
CWE-835
CWE-401
CWE-416
CWE-476
CWE-668
CWE-787
CWE-415
CWE-254
CWE-125
CWE-459
CWE-20
CWE-284
CWE-1037
CWE-119
CWE-399
CWE-190
Exploitation vector Network
Public exploit Public exploit code for vulnerability #15 is available.
Public exploit code for vulnerability #50 is available.
Public exploit code for vulnerability #55 is available.
Vulnerable software
 SUSE Linux Enterprise Server
Operating systems & Components / Operating system

kernel-xen-devel
Operating systems & Components / Operating system package or component

kernel-xen-base
Operating systems & Components / Operating system package or component

kernel-xen
Operating systems & Components / Operating system package or component

kernel-trace-devel
Operating systems & Components / Operating system package or component

kernel-trace-base
Operating systems & Components / Operating system package or component

kernel-trace
Operating systems & Components / Operating system package or component

kernel-syms
Operating systems & Components / Operating system package or component

kernel-source
Operating systems & Components / Operating system package or component

kernel-ec2-devel
Operating systems & Components / Operating system package or component

kernel-ec2-base
Operating systems & Components / Operating system package or component

kernel-ec2
Operating systems & Components / Operating system package or component

kernel-default-devel
Operating systems & Components / Operating system package or component

kernel-default-base
Operating systems & Components / Operating system package or component

kernel-default
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 62 vulnerabilities.

1) Information disclosure

EUVDB-ID: #VU64436

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-13695

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists in the Linux kernel's ACPI subsystem where a function does not flush the operand cache and causes a kernel stack dump. A local user can pass a specially crafted ACPI table to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Security restrictions bypass

EUVDB-ID: #VU10918

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-7755

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local unauthenticated attacker to bypass security restrictions on the target system.

The weakness exists in the drivers/block/floppy.c source code in the fd_locked_ioctl function due to insufficient security restrictions. A local attacker can bypass security restrictions through the system floppy drive and obtain kernel code and data from the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Race condition

EUVDB-ID: #VU77322

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2019-3837

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition within the net_dma code in tcp_recvmsg(). A local user can exploit the race and crash the kernel.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Infinite loop

EUVDB-ID: #VU19998

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2019-3900

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop in vhost_net kernel module when processing incoming packets in handle_rx(). A remote attacker with access to guest operating system can stall the vhost_net kernel thread and cause denial of service conditions.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Memory leak

EUVDB-ID: #VU31921

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-15393

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform DoS attack on the target system.

The vulnerability exists due memory leak in "drivers/usb/misc/usbtest.c" file. A local user can force the application to leak memory and perform denial of service attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Use-after-free

EUVDB-ID: #VU68424

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-16119

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error caused by the reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Race condition

EUVDB-ID: #VU66588

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-36557

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition between the VT_DISALLOCATE IOCTL and closing/opening of ttys. A local user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) NULL pointer dereference

EUVDB-ID: #VU66589

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-36558

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the Linux kernel before 5.5.7 involving a VT_RESIZEX. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Exposure of Resource to Wrong Sphere

EUVDB-ID: #VU61565

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-26341

CWE-ID: CWE-668 - Exposure of resource to wrong sphere

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to some AMD CPUs may transiently execute beyond unconditional direct branches. A local user can gain unauthorized access to sensitive information on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Out-of-bounds write

EUVDB-ID: #VU65833

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-33655

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in FBIOPUT_VSCREENINFO IOCTL. A local user can trigger an out-of-bounds write error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Out-of-bounds write

EUVDB-ID: #VU66590

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-33656

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when setting font with malicous data by ioctl cmd PIO_FONT. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Double Free

EUVDB-ID: #VU77325

Risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-34981

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the CMTP module in Linux kernel. A local user can trigger a double free error and execute arbitrary code on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Security features bypass

EUVDB-ID: #VU63350

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-39713

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to multiple issues in Qdisc implementation related to rcu read lock. A local application can execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Use-after-free

EUVDB-ID: #VU63422

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-45868

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial-of-service attack.

The vulnerability exists due to fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk). A local user can trigger use-after-free error and perform a denial-of-service attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Use-after-free

EUVDB-ID: #VU63386

Risk: Low

CVSSv4.0: 7.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2022-1011

CWE-ID: CWE-416 - Use After Free

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in the write() function of FUSE filesystem. A local user can retireve (partial) /etc/shadow hashes and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

16) Use-after-free

EUVDB-ID: #VU63428

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-1048

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code with elevated privileges.

The vulnerability exists due to a use-after-free error in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. A local user can execute arbitrary code with elevated privileges and perform a denial-of-service attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Information disclosure

EUVDB-ID: #VU63388

Risk: Low

CVSSv4.0: 4.5 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-1353

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application in the pfkey_register function in net/key/af_key.c in the Linux kernel. A local user can gain unauthorized access to kernel memory, leading to a system crash or a leak of internal kernel information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Out-of-bounds read

EUVDB-ID: #VU66591

Risk: Low

CVSSv4.0: 4.4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-1462

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform denial of service (DoS) attack.

The vulnerability exists due to a boundary condition within the the Linux kernel’s TeleTYpe subsystem caused by a race condition when using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory file. A local user can trigger an out-of-bounds read error and crash the system or read random kernel memory.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Use-after-free

EUVDB-ID: #VU64434

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-1652

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to use-after-free error in the bad_flp_intr() function. A local user can execute a specially-crafted program to cause a denial of service condition on the system or escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Use-after-free

EUVDB-ID: #VU64861

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-1679

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ath9k_htc_wait_for_target() function in the Linux kernel’s Atheros wireless adapter driver. A local user can execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Information disclosure

EUVDB-ID: #VU64136

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-20132

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output in the USB HID component in Linux Kernel. A local user can trigger the vulnerability to gain access to potentially sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU64208

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-20166

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to unspecified error in the Linux Kernel. A local user can bypass security restrictions and escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Out-of-bounds read

EUVDB-ID: #VU67473

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-20368

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary condition within the packet_recvmsg() function in Linux kernel. A local user can trigger an out-of-bounds read error and potentially escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Out-of-bounds write

EUVDB-ID: #VU67474

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-20369

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the v4l2_m2m_querybuf() function in v4l2-mem2mem.c. A local user can trigger ab out-of-bounds write and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Information disclosure

EUVDB-ID: #VU64364

Risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-21123

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows an attacker to gain access to potentially sensitive information.

The vulnerability exists in Intel processors due to excessive data output when DirectPath I/O (PCI-Passthrough) is utilized. An attacker (both local and remote) with administrative access to a virtual machine that has an attached DirectPath I/O (PCI-Passthrough) device can obtain information stored in physical memory about the hypervisor or other virtual machines that reside on the same host.


Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Information disclosure

EUVDB-ID: #VU64365

Risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-21125

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows an attacker to gain access to potentially sensitive information.

The vulnerability exists in Intel processors due to excessive data output when DirectPath I/O (PCI-Passthrough) is utilized. An attacker (both local and remote) with administrative access to a virtual machine that has an attached DirectPath I/O (PCI-Passthrough) device can obtain information stored in physical memory about the hypervisor or other virtual machines that reside on the same host.



Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Incomplete cleanup

EUVDB-ID: #VU64376

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-21127

CWE-ID: CWE-459 - Incomplete cleanup

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information on the system.

The vulnerability exists due to incomplete cleanup in specific special register read operations. A local user can enable information disclosure.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Information disclosure

EUVDB-ID: #VU64366

Risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-21166

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows an attacker to gain access to potentially sensitive information.

The vulnerability exists in Intel processors due to excessive data output when DirectPath I/O (PCI-Passthrough) is utilized. An attacker (both local and remote) with administrative access to a virtual machine that has an attached DirectPath I/O (PCI-Passthrough) device can obtain information stored in physical memory about the hypervisor or other virtual machines that reside on the same host.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Input validation error

EUVDB-ID: #VU64377

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-21180

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation in Memory Mapped I/O (MMIO) for some 14nm Client/Xeon E3 Intel® Processors. A local user can pass specially crafted input and perform a denial of service (DoS) attack in certain virtualized environments.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Input validation error

EUVDB-ID: #VU67475

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-21385

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the net_rds_alloc_sgs() function in net/rds/message.c in Linux kernel. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Improper access control

EUVDB-ID: #VU63961

Risk: Low

CVSSv4.0: 5.6 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-21499

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local user to bypass implemented security restrictions.

The vulnerability exists due to improper access restrictions to the kernel debugger when booted in secure boot environments. A local privileged user can bypass UEFI Secure Boot restrictions.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Use-after-free

EUVDB-ID: #VU65318

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-2318

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service attack.

The vulnerability exists due to a use-after-free error caused by timer handler in net/rose/rose_timer.c of linux. A local user can exploit the vulnerability to perform a denial of service attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Input validation error

EUVDB-ID: #VU67510

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-2663

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass firewall rules.

The vulnerability exists due to insufficient validation of user-supplied input in nf_conntrack_irc in Linux kernel. A remote attacker can send unencrypted IRC with nf_conntrack_irc configured and bypass configured firewall rules.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Memory leak

EUVDB-ID: #VU63390

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-28356

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform DoS attack on the target system.

The vulnerability exists due memory leak in net/llc/af_llc.c component. A remote attacker can force the system to leak memory and perform denial of service attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Processor optimization removal or modification of security-critical code

EUVDB-ID: #VU65205

Risk: Low

CVSSv4.0: 4.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-29900

CWE-ID: CWE-1037 - Processor optimization removal or modification of security-critical code

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a mistrained branch predictions for return instructions. A local user can execute arbitrary speculative code under certain microarchitecture-dependent conditions. The vulnerability was dubbed  RETbleed.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Processor optimization removal or modification of security-critical code

EUVDB-ID: #VU65220

Risk: Low

CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-29901

CWE-ID: CWE-1037 - Processor optimization removal or modification of security-critical code

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to the way non-transparent sharing of branch predictor targets between contexts. A local user can exploit the vulnerability to gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Race condition

EUVDB-ID: #VU67477

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-3028

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. A local user can exploit the race and escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) NULL pointer dereference

EUVDB-ID: #VU68338

Risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-3303

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the Linux kernel sound subsystem due to improper locking when handling the SNDCTL_DSP_SYNC ioctl. A privileged local user can trigger a NULL pointer dereference error and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Use-after-free

EUVDB-ID: #VU64944

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-33981

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to perform denial of service attack.

The vulnerability exists due to a use-after-free error in drivers/block/floppy.c in the Linux kernel when deallocating raw_cmd in the raw_cmd_ioctl function(). A local user can trigger use-after-free and perform denial of service attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Use-after-free

EUVDB-ID: #VU69759

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-3424

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the gru_set_context_option(), gru_fault() and gru_handle_user_call_os() functions in Linux kernel. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Memory leak

EUVDB-ID: #VU69756

Risk: Medium

CVSSv4.0: 2.3 [CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-3524

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform DoS attack on the target system.

The vulnerability exists due memory leak within the ipv6_renew_options() function when retrieving a new IPv6 address from a malicious DHCP server. A remote attacker can force the system to leak memory and perform denial of service attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Buffer overflow

EUVDB-ID: #VU69709

Risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-3565

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows an attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the del_timer() function in drivers/isdn/mISDN/l1oip_core.c in the Bluetooth component. An attacker with physical proximity to device can trigger memory corruption and execute arbitrary code on the target system.


Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) Race condition

EUVDB-ID: #VU69810

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-3566

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the tcp_getsockopt() and tcp_setsockopt() functions in net/ipv4/tcp.c, do_ipv6_setsockopt() function in net/ipv6/ipv6_sockglue.c, and tcp_v6_connect() function in net/ipv6/tcp_ipv6.c in Linux kernel. A local user can exploit the race and escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) Use-after-free

EUVDB-ID: #VU69708

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-3586

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) NULL pointer dereference

EUVDB-ID: #VU69300

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-3621

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the nilfs2 filesystem driver within the nilfs_bmap_lookup_at_level() function in fs/nilfs2/inode.c in Linux kernel. A remote attacker can trick the victim into mounting a specially crafted image and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Use-after-free

EUVDB-ID: #VU69398

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-3635

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the drivers/atm/idt77252.c in IPsec component of Linux kernel. A local user can trigger a use-after-free error and crash the kernel.


Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) NULL pointer dereference

EUVDB-ID: #VU69299

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-3646

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the nilfs2 filesystem driver within the nilfs_attach_log_writer() function in fs/nilfs2/segment.c in Linux kernel. A remote attacker can trick the victim into mounting a specially crafted image and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Use-after-free

EUVDB-ID: #VU69298

Risk: Medium

CVSSv4.0: 4.8 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-3649

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error within the nilfs2 filesystem driver in nilfs_new_inode() function in fs/nilfs2/inode.c in Linux kernel. A remote attacker can trick the victim into mounting a specially crafted image, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Resource management error

EUVDB-ID: #VU66550

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-36879

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the xfrm_expand_policies() function in net/xfrm/xfrm_policy.c. A local user can cause the refcount to be dropped twice and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) Input validation error

EUVDB-ID: #VU66476

Risk: Medium

CVSSv4.0: 7.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2022-36946

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the nfqnl_mangle() function in net/netfilter/nfnetlink_queue.c in the Linux kernel when processing IPv6 packets. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

51) Resource management error

EUVDB-ID: #VU70465

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-3903

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows an attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to an incorrect read request flaw in the Infrared Transceiver USB driver in Linux kernel. An attacker with physical access to the system can starve system resources and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) Race condition

EUVDB-ID: #VU67478

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-39188

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within include/asm-generic/tlb.h in the Linux kernel. A local user can exploit the race and escalate privileges on the system.

Note, this only occurs in situations with VM_PFNMAP VMAs.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) Improper access control

EUVDB-ID: #VU67587

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-40768

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to improper access restrictions in the drivers/scsi/stex.c in the Linux kernel. A local user can obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) Double Free

EUVDB-ID: #VU69805

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-4095

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the cmd_hdl_filter() function in drivers/staging/rtl8712/rtl8712_cmd.c. A local user can trigger a double free error and execute arbitrary code with escalated privileges.


Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) Use-after-free

EUVDB-ID: #VU67657

Risk: Low

CVSSv4.0: 7.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2022-41218

CWE-ID: CWE-416 - Use After Free

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the dvb_demux_open() and dvb_dmxdev_release() function in drivers/media/dvb-core/dmxdev.c in Linux kernel. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

56) Race condition

EUVDB-ID: #VU68339

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-41848

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition in the drivers/char/pcmcia/synclink_cs.c in the Linux kernel. An attacker with physical proximity to the affected system can remove a PCMCIA device while calling ioctl, cause a race condition between mgslpc_ioctl and mgslpc_detach and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

57) Race condition

EUVDB-ID: #VU69792

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-41850

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition within the roccat_report_event() function in drivers/hid/hid-roccat.c. A local user can trigger a use-after-free error and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

58) NULL pointer dereference

EUVDB-ID: #VU70467

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-41858

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the sl_tx_timeout() function in drivers/net/slip in Linux kernel. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

59) Out-of-bounds write

EUVDB-ID: #VU69296

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-43750

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

60) Race condition

EUVDB-ID: #VU77323

Risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-44032

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows an attacker to escalate privileges on the system.

The vulnerability exists due to a race condition in drivers/char/pcmcia/cm4000_cs.c in Linux kernel. An attacker with physical access to device can remove the PCMCIA device while calling open() to trigger a use-after-free error and execute arbitrary code on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

61) Race condition

EUVDB-ID: #VU77324

Risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-44033

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows an attacker to escalate privileges on the system.

The vulnerability exists due to a race condition in drivers/char/pcmcia/cm4040_cs.c in Linux kernel. An attacker with physical access to device can remove the PCMCIA device while calling open() to trigger a use-after-free error and execute arbitrary code on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

62) Integer overflow

EUVDB-ID: #VU70464

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-45934

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to integer overflow within the l2cap_config_req() function in net/bluetooth/l2cap_core.c in Linux kernel. A local user can pass specially crafted L2CAP_CONF_REQ packets to the device, trigger an integer overflow and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-SP4-LTSS-EXTREME-CORE

kernel-xen-devel: before 3.0.101-108.138.1

kernel-xen-base: before 3.0.101-108.138.1

kernel-xen: before 3.0.101-108.138.1

kernel-trace-devel: before 3.0.101-108.138.1

kernel-trace-base: before 3.0.101-108.138.1

kernel-trace: before 3.0.101-108.138.1

kernel-syms: before 3.0.101-108.138.1

kernel-source: before 3.0.101-108.138.1

kernel-ec2-devel: before 3.0.101-108.138.1

kernel-ec2-base: before 3.0.101-108.138.1

kernel-ec2: before 3.0.101-108.138.1

kernel-default-devel: before 3.0.101-108.138.1

kernel-default-base: before 3.0.101-108.138.1

kernel-default: before 3.0.101-108.138.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230416-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###