SB2023071155 - SUSE update for the Linux Kernel
Published: July 11, 2023
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 13 secuirty vulnerabilities.
1) Type Confusion (CVE-ID: CVE-2023-1077)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a type confusion error within the pick_next_rt_entity() function pick_next_rt_entity(). A local user can trigger a type confusion error and execute arbitrary code with elevated privileges.
2) Use-after-free (CVE-ID: CVE-2023-1079)
The vulnerability allows an attacker to compromise the vulnerable system.
The vulnerability exists due to a use-after-free error within the asus_kbd_backlight_set() function when plugging in a malicious USB device. An attacker with physical access to the system can inject a malicious USB device, trigger a use-after-free error and execute arbitrary code.
3) Use-after-free (CVE-ID: CVE-2023-1249)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the core dump subsystem in Linux kernel. A local user can trigger a use-after-free error and crash the kernel.
4) Information exposure through microarchitectural state after transient execution (CVE-ID: CVE-2023-1637)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due speculative execution behavior in the Linux kernel X86 CPU Power management options functionality. A local user can gain access to sensitive information.
5) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2023-2002)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper permissions check in the Bluetooth subsystem when handling ioctl system calls of HCI sockets. A local user can acquire a trusted socket, leading to unauthorized execution of management commands.
6) Out-of-bounds write (CVE-ID: CVE-2023-3090)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the ipvlan network driver in Linux kernel. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
7) Use-after-free (CVE-ID: CVE-2023-3111)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the prepare_to_relocate() function in fs/btrfs/relocation.c in btrfs in the Linux Kernel. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
8) Use-after-free (CVE-ID: CVE-2023-3141)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the r592_remove() function of drivers/memstick/host/r592.c in media access in the Linux kernel. A local user can trigger a use-after-free error and escalate privileges on the system.
9) Use-after-free (CVE-ID: CVE-2023-3159)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the outbound_phy_packet_callback() function in driver/firewire in Linux kernel. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
10) Incorrect calculation (CVE-ID: CVE-2023-3161)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation in the Framebuffer Console (fbcon) in the Linux kernel. A local user can perform a denial of service (DoS) attack.
11) Out-of-bounds read (CVE-ID: CVE-2023-3268)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the relay_file_read_start_pos() function in kernel/relay.c in the relayfs. A local user can trigger an out-of-bounds read error and read contents of memory on the system or crash the kernel.
12) NULL pointer dereference (CVE-ID: CVE-2023-3358)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in the Linux kernel's Integrated Sensor Hub (ISH) driver. A local user and perform a denial of service (DoS) attack.
13) Use-after-free (CVE-ID: CVE-2023-35824)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dm1105_remove() function in drivers/media/pci/dm1105/dm1105.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Remediation
Install update from vendor's website.