openSUSE 15.4: 2023:4072-2 Important Kernel Security Fix
opensuse
November 6, 2023
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes
Description
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security
and bugfixes.
The following security bugs were fixed:
* CVE-2023-4563: Fixed an use-after-free flaw in the nftables sub-component.
This vulnerability could allow a local attacker to crash the system or lead
to a kernel information leak problem. (bsc#1214727)
* CVE-2023-39194: Fixed a flaw in the processing of state filters which could
allow a local attackers to disclose sensitive information. (bsc#1215861)
* CVE-2023-39193: Fixed a flaw in the processing of state filters which could
allow a local attackers to disclose sensitive information. (bsc#1215860)
* CVE-2023-39192: Fixed a flaw in the u32_match_it function which could allow
a local attackers to disclose sensitive information. (bsc#1215858)
* CVE-2023-42754: Fixed a null pointer dereference in ipv4_link_failure which
could lead an authenticated attacker to trigger a DoS. (bsc#1215467)
* CVE-2023-5345: fixed an...
Read the Full Advisory
Patch
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch openSUSE-SLE-15.4-2023-4072=1
Package List
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
* cluster-md-kmp-default-5.14.21-150400.24.92.1
* kselftests-kmp-default-debuginfo-5.14.21-150400.24.92.1
* gfs2-kmp-default-5.14.21-150400.24.92.1
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.92.1
* kernel-syms-5.14.21-150400.24.92.1
* kselftests-kmp-default-5.14.21-150400.24.92.1
* gfs2-kmp-default-debuginfo-5.14.21-150400.24.92.1
* kernel-default-optional-5.14.21-150400.24.92.1
* kernel-default-extra-5.14.21-150400.24.92.1
* ocfs2-kmp-default-debuginfo-5.14.21-150400.24.92.1
* ocfs2-kmp-default-5.14.21-150400.24.92.1
* kernel-default-devel-5.14.21-150400.24.92.1
* kernel-default-optional-debuginfo-5.14.21-150400.24.92.1
* kernel-obs-qa-5.14.21-150400.24.92.1
* kernel-default-debugsource-5.14.21-150400.24.92.1
* dlm-kmp-default-5.14.21-150400.24.92.1
* cluster-md-kmp-default-debuginfo-5.14.21-150400.24.92.1
* kernel-obs-build-debugsource-5.14.21-150400.24.92.1
* kernel-default-livepatch-5.14.21-150400.24.92.1
*...
Read the Full AdvisoryReferences
* bsc#1202845
* bsc#1213808
* bsc#1214928
* bsc#1214940
* bsc#1214941
* bsc#1214942
* bsc#1214943
* bsc#1214944
* bsc#1214950
* bsc#1214951
* bsc#1214954
* bsc#1214957
* bsc#1214986
* bsc#1214988
* bsc#1214992
* bsc#1214993
* bsc#1215322
* bsc#1215877
* bsc#1215894
* bsc#1215895
* bsc#1215896
* bsc#1215911
* bsc#1215915
* bsc#1215916
## References:
* https://www.suse.com/security/cve/CVE-2023-1192.html
* https://www.suse.com/security/cve/CVE-2023-1206.html
* https://www.suse.com/security/cve/CVE-2023-1859.html
* https://www.suse.com/security/cve/CVE-2023-2177.html
* https://www.suse.com/security/cve/CVE-2023-39192.html
* https://www.suse.com/security/cve/CVE-2023-39193.html
* https://www.suse.com/security/cve/CVE-2023-39194.html
* https://www.suse.com/security/cve/CVE-2023-4155.html
* https://www.suse.com/security/cve/CVE-2023-42753.html
* https://www.suse.com/security/cve/CVE-2023-42754.html
* https://www.suse.com/security/cve/CVE-2023-4389.html
* https://www.suse.com/security/cve/CVE-2023-4563.html
*...
Read the Full Advisory
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2023:4072-2
Rating: important
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!