Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

SUSE: 2023:4882-1 high severity kernel buffer overflow vulnerability

suse
Calendar Grey December 15, 2023
Dist Suse Esm H88
Essential SUSE Linux kernel patch released to tackle severe security flaws; ensure updates are implemented promptly to maintain security!
* bsc#1084909 * bsc#1208787 * bsc#1210780 * bsc#1216058 * bsc#1216259

Summary

## The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-0461: Fixed use-after-free in icsk_ulp_data (bsc#1208787). * CVE-2023-39197: Fixed a out-of-bounds read in nf_conntrack_dccp_packet() (bsc#1216976). * CVE-2023-45863: Fixed a out-of-bounds write in fill_kobj_path() (bsc#1216058). * CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability in the Performance Events component (bsc#1216584). * CVE-2023-45871: Fixed an issue in the IGB driver, where the buffer size may not be adequate for frames larger than the MTU (bsc#1216259). * CVE-2023-39198: Fixed a race condition leading to use-after-free in qxl_mode_dumb_create() (bsc#1216965).

Topics%20covered

Topics Covered

security advisory security update high severity buffer overflow kernel patch SUSE

References

* bsc#1084909

* bsc#1208787

* bsc#1210780

* bsc#1216058

* bsc#1216259

* bsc#1216584

* bsc#1216965

* bsc#1216976

* jsc#PED-3184

* jsc#PED-5021

Cross-

* CVE-2023-0461

* CVE-2023-31083

* CVE-2023-39197

* CVE-2023-39198

* CVE-2023-45863

* CVE-2023-45871

* CVE-2023-5717

CVSS scores:

* CVE-2023-0461 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-0461 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-31083 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2023-31083 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2023-39197 ( SUSE ): 4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N

* CVE-2023-39198 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2023:4882-1
Rating: important

Topics%20covered

Topics Covered

security advisory security update high severity buffer overflow kernel patch SUSE

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here