Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

SUSE 15 SP2: 2023:4784-2 Critical: Kernel Memory Management Bugs

suse
Calendar Grey December 13, 2023
Dist Suse Esm H88
Discover the latest SUSE Linux Kernel patch designed to combat significant security threats while enhancing system reliability and integrity for sensitive data protection
* bsc#1084909 * bsc#1210780 * bsc#1214037 * bsc#1214344 * bsc#1214764

Summary

## The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-39197: Fixed a out-of-bounds read in nf_conntrack_dccp_packet() (bsc#1216976). * CVE-2023-6176: Fixed a denial of service in the cryptographic algorithm scatterwalk functionality (bsc#1217332). * CVE-2023-45863: Fixed a out-of-bounds write in fill_kobj_path() (bsc#1216058). * CVE-2023-45871: Fixed an issue in the IGB driver, where the buffer size may not be adequate for frames larger than the MTU (bsc#1216259). * CVE-2023-39198: Fixed a race condition leading to use-after-free in qxl_mode_dumb_create() (bsc#1216965). * CVE-2023-31083: Fixed race condition in hci_uart_tty_ioctl (bsc#1210780).

Topics%20covered

Topics Covered

security advisory denial of service kernel update security issues critical fixes SUSE Linux Server

References

* bsc#1084909

* bsc#1210780

* bsc#1214037

* bsc#1214344

* bsc#1214764

* bsc#1216058

* bsc#1216259

* bsc#1216584

* bsc#1216965

* bsc#1216976

* bsc#1217332

* bsc#1217780

* jsc#PED-3184

* jsc#PED-5021

Cross-

* CVE-2023-31083

* CVE-2023-39197

* CVE-2023-39198

* CVE-2023-45863

* CVE-2023-45871

* CVE-2023-5717

* CVE-2023-6176

CVSS scores:

* CVE-2023-31083 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2023-31083 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2023-39197 ( SUSE ): 4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N

* CVE-2023-39198 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

* CVE-2023-39198 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2023:4783-1
Rating: important

Topics%20covered

Topics Covered

security advisory denial of service kernel update security issues critical fixes SUSE Linux Server

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here