Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 573
Alerts This Week
Warning Icon 1 573

SUSE: 2023:4032-1 Important: Linux Kernel DoS and Local Attack Fixes

suse
Calendar Grey October 10, 2023
Dist Suse Esm H88
SUSE unveils an urgent update for the Linux kernel, tackling various vulnerabilities and remedies for both local and remote threats.
* #1109837 * #1152446 * #1154048 * #1213016 * #1214157

Summary

## The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-39194: Fixed a flaw in the processing of state filters which could allow a local attackers to disclose sensitive information. (bsc#1215861) * CVE-2023-39193: Fixed a flaw in the processing of state filters which could allow a local attackers to disclose sensitive information. (bsc#1215860) * CVE-2023-39192: Fixed a flaw in the u32_match_it function which could allow a local attackers to disclose sensitive information. (bsc#1215858) * CVE-2023-42754: Fixed a null pointer dereference in ipv4_link_failure which could lead an authenticated attacker to trigger a DoS. (bsc#1215467) * CVE-2023-1206: Fixed a hash collision flaw in the IPv6 connection lookup

References

* #1109837

* #1152446

* #1154048

* #1213016

* #1214157

* #1214380

* #1214586

* #1214940

* #1214943

* #1214945

* #1214946

* #1214948

* #1214949

* #1214950

* #1214952

* #1214953

* #1215122

* #1215136

* #1215164

* #1215165

* #1215607

* #1215877

* #1215897

* #1215898

Cross-

* CVE-2020-36766

* CVE-2023-1192

* CVE-2023-1206

* CVE-2023-1859

* CVE-2023-39192

* CVE-2023-39193

* CVE-2023-39194

* CVE-2023-42754

* CVE-2023-4622

* CVE-2023-4623

* CVE-2023-4881

* CVE-2023-4921

CVSS scores:

* CVE-2020-36766 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

* CVE-2020-36766 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

* CVE-2023-1192 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2023-1206 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2023:4032-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.