Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

SUSE 2024:3397-1 Moderate Update for libmfx Security Released

suse
Calendar Grey September 23, 2024
Dist Suse Esm H88
This Red Hat patch fixes multiple vulnerabilities in the networking stack, improving overall system security and addressing significant performance issues for administrators.
* bsc#1219494 * bsc#1226892 * bsc#1226897 * bsc#1226898 * bsc#1226899

Summary

## This update for libmfx fixes the following issues: * CVE-2023-48368: Fixed an improper input validation. (bsc#1226897) * CVE-2023-45221: Fixed an improper buffer restrictions. (bsc#1226898) * CVE-2023-22656: Fixed an out-of-bounds read. (bsc#1226899) * CVE-2023-47282: Fixed an out-of-bounds write. (bsc#1226900) * CVE-2023-47169: Fixed an improper buffer restrictions. (bsc#1226901) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3397=1 ## Package List: * openSUSE Leap 15.4 (x86_64) * libmfx-debugsource-21.3.4-150400.3.5.1 * libmfx1-debuginfo-21.3.4-150400.3.5.1

Topics%20covered

Topics Covered

security advisory moderate input validation SUSE out-of-bounds buffer restrictions libmfx

References

* bsc#1219494

* bsc#1226892

* bsc#1226897

* bsc#1226898

* bsc#1226899

* bsc#1226900

* bsc#1226901

* jsc#PED-10024

Cross-

* CVE-2023-22656

* CVE-2023-45221

* CVE-2023-47169

* CVE-2023-47282

* CVE-2023-48368

CVSS scores:

* CVE-2023-22656 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

* CVE-2023-45221 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

* CVE-2023-47169 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

* CVE-2023-47282 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L

* CVE-2023-48368 ( SUSE ): 5.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.4

An update that solves five vulnerabilities, contains one feature and has two

security fixes can now be installed.

##

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2024:3397-1
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate input validation SUSE out-of-bounds buffer restrictions libmfx

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here