[SUSE-SU-2023:1640-1] Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP5)
Severity
Important
CVEs
2
Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122_147 fixes several issues.
The following security issues were fixed:
- CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208909).
- CVE-2023-0266: Fixed a use-after-free vulnerability inside the ALSA PCM package. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 was missing locks that could have been used in a use-after-free that could have resulted in a priviledge escalation to gain ring0 access from the system user (bsc#1207190).
- ID
- SUSE-SU-2023:1640-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2023/suse-su-20231640-1/
- Published
-
2023-03-28T12:34:31
(17 months ago) - Modified
-
2023-03-28T12:34:31
(17 months ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS-2023-1701
- ALAS2-2023-1987
- ALSA-2023:1470
- ALSA-2023:1566
- ALSA-2023:7077
- CISA-2023:0330
- DSA-5324-1
- ELSA-2023-12196
- ELSA-2023-12323
- ELSA-2023-1470
- ELSA-2023-1566
- ELSA-2023-6583
- ELSA-2023-7077
- MS:CVE-2023-0266
- MS:CVE-2023-26545
- RHSA-2023:1469
- RHSA-2023:1470
- RHSA-2023:1471
- RHSA-2023:1566
- RHSA-2023:1584
- RHSA-2023:1659
- RHSA-2023:6901
- RHSA-2023:7077
- RLSA-2023:1470
- RLSA-2023:1566
- SSA:2023-048-01
- SSA:2023-172-02
- SUSE-SU-2023:0152-1
- SUSE-SU-2023:0394-1
- SUSE-SU-2023:0406-1
- SUSE-SU-2023:0433-1
- SUSE-SU-2023:0485-1
- SUSE-SU-2023:0488-1
- SUSE-SU-2023:0618-1
- SUSE-SU-2023:0634-1
- SUSE-SU-2023:0747-1
- SUSE-SU-2023:0749-1
- SUSE-SU-2023:0749-2
- SUSE-SU-2023:0762-1
- SUSE-SU-2023:0767-1
- SUSE-SU-2023:0768-1
- SUSE-SU-2023:0770-1
- SUSE-SU-2023:0774-1
- SUSE-SU-2023:0778-1
- SUSE-SU-2023:0779-1
- SUSE-SU-2023:0780-1
- SUSE-SU-2023:0796-1
- SUSE-SU-2023:0852-1
- SUSE-SU-2023:1574-1
- SUSE-SU-2023:1576-1
- SUSE-SU-2023:1579-1
- SUSE-SU-2023:1588-1
- SUSE-SU-2023:1591-1
- SUSE-SU-2023:1592-1
- SUSE-SU-2023:1595-1
- SUSE-SU-2023:1599-1
- SUSE-SU-2023:1602-1
- SUSE-SU-2023:1605-1
- SUSE-SU-2023:1608-1
- SUSE-SU-2023:1609-1
- SUSE-SU-2023:1619-1
- SUSE-SU-2023:1621-1
- SUSE-SU-2023:1635-1
- SUSE-SU-2023:1639-1
- SUSE-SU-2023:1647-1
- SUSE-SU-2023:1649-1
- SUSE-SU-2023:1651-1
- SUSE-SU-2023:1653-1
- SUSE-SU-2023:1654-1
- SUSE-SU-2023:1708-1
- SUSE-SU-2023:1710-1
- SUSE-SU-2023:2646-1
- SUSE-SU-2023:2809-1
- SUSE-SU-2023:2871-1
- USN-5915-1
- USN-5917-1
- USN-5924-1
- USN-5927-1
- USN-5934-1
- USN-5939-1
- USN-5940-1
- USN-5951-1
- USN-5970-1
- USN-5975-1
- USN-5978-1
- USN-5979-1
- USN-5981-1
- USN-5982-1
- USN-5984-1
- USN-5987-1
- USN-5991-1
- USN-6000-1
- USN-6001-1
- USN-6004-1
- USN-6009-1
- USN-6013-1
- USN-6014-1
- USN-6024-1
- USN-6025-1
- USN-6027-1
- USN-6029-1
- USN-6030-1
- USN-6040-1
- USN-6057-1
- USN-6071-1
- USN-6072-1
- USN-6093-1
- USN-6134-1
- USN-6222-1
- USN-6256-1
Source | # ID | Name | URL |
---|---|---|---|
Suse | SUSE ratings | https://www.suse.com/support/security/rating/ | |
Suse | URL of this CSAF notice | https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_1640-1.json | |
Suse | URL for SUSE-SU-2023:1640-1 | https://www.suse.com/support/update/announcement/2023/suse-su-20231640-1/ | |
Suse | E-Mail link for SUSE-SU-2023:1640-1 | https://lists.suse.com/pipermail/sle-updates/2023-March/028432.html | |
Bugzilla | SUSE Bug 1207190 | https://bugzilla.suse.com/1207190 | |
Bugzilla | SUSE Bug 1208909 | https://bugzilla.suse.com/1208909 | |
CVE | SUSE CVE CVE-2023-0266 page | https://www.suse.com/security/cve/CVE-2023-0266/ | |
CVE | SUSE CVE CVE-2023-26545 page | https://www.suse.com/security/cve/CVE-2023-26545/ |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |