
SUSE: 2023:4377-1 Important: Kernel Security Flaws - Local DoS & Escalation

November 6, 2023
A critical patch for the Debian Linux kernel addresses several vulnerabilities, reinforcing the security of the system as a whole.

Summary

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

* CVE-2023-31085: Fixed a divide-by-zero error in do_div(sz,mtd->erasesize) that could cause a local DoS. (bsc#1210778)

* CVE-2023-45862: Fixed an issue in the ENE UB6250 reader driver where an object could potentially extend beyond the end of an allocation causing. (bsc#1216051)

* CVE-2023-2163: Fixed an incorrect verifier pruning in BPF that could lead to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. (bsc#1215518)

* CVE-2023-34324: Fixed a possible deadlock in Linux kernel event handling. (bsc#1215745)

References

* bsc#1210778

* bsc#1210853

* bsc#1212051

* bsc#1215467

* bsc#1215518

* bsc#1215745

* bsc#1215858

* bsc#1215860

* bsc#1215861

* bsc#1216046

* bsc#1216051

* bsc#1216134

Cross-References

* CVE-2023-2163

* CVE-2023-31085

* CVE-2023-3111

* CVE-2023-34324

* CVE-2023-39189

* CVE-2023-39192

* CVE-2023-39193

* CVE-2023-39194

* CVE-2023-42754

* CVE-2023-45862

CVSS scores:

* CVE-2023-2163 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

* CVE-2023-2163 ( NVD ): 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

* CVE-2023-31085 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2023-31085 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2023-3111 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Severity: important

Announcement ID: SUSE-SU-2023:4377-1
Rating: important
