Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 428
Alerts This Week
Warning Icon 1 428

SUSE Linux Enterprise 12 SP5: 2023:4031-1 Important Kernel Security Update

suse
Calendar Grey October 10, 2023
Dist Suse Esm H88
Canonical rolls out a critical system update targeting various vulnerabilities and improvements for better performance.
* #1065729 * #1109837 * #1152446 * #1154048 * #1207168

Summary

## The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-39192: Fixed an out of bounds read in the netfilter (bsc#1215858). * CVE-2023-39193: Fixed an out of bounds read in the xtables subsystem (bsc#1215860). * CVE-2023-39194: Fixed an out of bounds read in the XFRM subsystem (bsc#1215861). * CVE-2023-42754: Fixed a NULL pointer dereference in the IPv4 stack that could lead to denial of service (bsc#1215467). * CVE-2023-1206: Fixed a hash collision flaw in the IPv6 connection lookup table which could be exploited by network adjacent attackers, increasing CPU usage by 95% (bsc#1212703). * CVE-2023-4921: Fixed a use-after-free vulnerability in the QFQ network

References

* #1065729

* #1109837

* #1152446

* #1154048

* #1207168

* #1208995

* #1210169

* #1212703

* #1213016

* #1214157

* #1214380

* #1214386

* #1214586

* #1214940

* #1214943

* #1214945

* #1214946

* #1214948

* #1214949

* #1214950

* #1214952

* #1214953

* #1214961

* #1214962

* #1214964

* #1214965

* #1214966

* #1214967

* #1215115

* #1215117

* #1215121

* #1215122

* #1215136

* #1215149

* #1215152

* #1215162

* #1215164

* #1215165

* #1215207

* #1215221

* #1215275

* #1215299

* #1215467

* #1215607

* #1215634

* #1215858

* #1215860

* #1215861

* #1215877

* #1215897

* #1215898

* #1215954

* PED-5021

Cross-

* CVE-2020-36766

* CVE-2023-0394

* CVE-2023-1192

* CVE-2023-1206

* CVE-2023-1859

* CVE-2023-39192

* CVE-2023-39193

* CVE-2023-39194

* CVE-2023-42754

* CVE-2023-4622

* CVE-2023-4623

* CVE-2023-4881

* CVE-2023-4921

CVSS scores:

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2023:4031-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.