SUSE: 2023:4378-1 Important: Linux Kernel DoS Vulnerabilities Fixed

suse

November 6, 2023

* bsc#1208788 * bsc#1210778 * bsc#1211307 * bsc#1212423 * bsc#1212649

Summary

## The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-2163: Fixed an incorrect verifier pruning in BPF that could lead to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. (bsc#1215518) * CVE-2023-34324: Fixed a possible deadlock in Linux kernel event handling. (bsc#1215745). * CVE-2023-39189: Fixed a flaw in the Netfilter subsystem that could allow a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure. (bsc#1216046) * CVE-2023-5178: Fixed an UAF in queue intialization setup. (bsc#1215768)

Topics Covered

security advisory update DoS important Linux kernel openSUSE

References

* bsc#1208788

* bsc#1210778

* bsc#1211307

* bsc#1212423

* bsc#1212649

* bsc#1213705

* bsc#1213772

* bsc#1214842

* bsc#1215095

* bsc#1215104

* bsc#1215518

* bsc#1215955

* bsc#1215956

* bsc#1215957

* bsc#1215986

* bsc#1216062

* bsc#1216345

* bsc#1216510

* bsc#1216511

* bsc#1216512

* bsc#1216621

Cross-

* CVE-2023-2163

* CVE-2023-31085

* CVE-2023-34324

* CVE-2023-3777

* CVE-2023-39189

* CVE-2023-39193

* CVE-2023-5178

CVSS scores:

* CVE-2023-2163 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

* CVE-2023-2163 ( NVD ): 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

* CVE-2023-31085 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2023-31085 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2023:4378-1

Rating: important

Topics Covered

security advisory update DoS important Linux kernel openSUSE

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

SUSE: 2023:4378-1 Important: Linux Kernel DoS Vulnerabilities Fixed

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

SUSE: 2023:4378-1 Important: Linux Kernel DoS Vulnerabilities Fixed

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!