Explore top 10 tips to secure your open-source projects now. Read More
×
## The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-1077: Fixed a type confusion in pick_next_rt_entity() that could cause memory corruption (bsc#1208600). * CVE-2023-4623: Fixed a use-after-free issue in the HFSC network scheduler which could be exploited to achieve local privilege escalation (bsc#1215115). * CVE-2023-1192: Fixed use-after-free in cifs_demultiplex_thread() (bsc#1208995). * CVE-2023-20588: Fixed a potential data leak that could be triggered through a side channel when division by zero occurred on some AMD processors (bsc#1213927). * CVE-2023-4459: Fixed a NULL pointer dereference flaw in the vmxnet3 driver that may have allowed a local attacker with user privileges to cause a
* #1208600
* #1208995
* #1210448
* #1213666
* #1213927
* #1214348
* #1214451
* #1215115
* PED-4579
Cross-
* CVE-2023-1077
* CVE-2023-1192
* CVE-2023-2007
* CVE-2023-20588
* CVE-2023-3772
* CVE-2023-4385
* CVE-2023-4459
* CVE-2023-4623
CVSS scores:
* CVE-2023-1077 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-1077 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-1192 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-2007 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-2007 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-20588 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
* CVE-2023-20588 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Get the latest Linux and open source security news straight to your inbox.