[SUSE-SU-2023:2147-1] Security update for the Linux Kernel
Severity
Important
Affected Packages
1
CVEs
15
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2023-2124: Fixed an out of bound access in the XFS subsystem that could have lead to denial-of-service or potentially privilege escalation (bsc#1210498).
- CVE-2023-1872:Fixed a use after free vulnerability in the io_uring subsystem, which could lead to local privilege escalation (bsc#1210414).
- CVE-2022-2196: Fixed a regression related to KVM that allowed for speculative execution attacks (bsc#1206992).
- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).
- CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).
- CVE-2023-2176: A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege (bsc#1210629).
- CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).
- CVE-2023-30772: Fixed a race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).
- CVE-2023-2008: A flaw was found in the fault handler of the udmabuf device driver. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code (bsc#1210453).
- CVE-2023-1855: Fixed a use after free in xgene_hwmon_remove (bsc#1210202).
- CVE-2020-36691: Fixed a denial of service vulnerability via a nested Netlink policy with a back reference (bsc#1209777).
- CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).
- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).
- CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot (bsc#1209687).
- CVE-2023-1838: Fixed an use-after-free flaw in virtio network subcomponent. This flaw could allow a local attacker to crash the system and lead to a kernel information leak problem. (bsc#1210203).
The following non-security bugs were fixed:
- Drivers: vmbus: Check for channel allocation before looking up relids (git-fixes).
- cifs: fix negotiate context parsing (bsc#1210301).
- keys: Fix linking a duplicate key to a keyring's assoc_array (bsc#1207088).
- vmxnet3: use gro callback when UPT is enabled (bsc#1209739).
Package | Affected Version |
---|---|
pkg:rpm/suse/kernel-rt?arch=x86_64&distro=slem-5 | < 5.3.18-150300.127.1 |
- ID
- SUSE-SU-2023:2147-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2023/suse-su-20232147-1/
- Published
-
2023-05-09T15:04:16
(16 months ago) - Modified
-
2023-05-09T15:04:16
(16 months ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS-2023-1701
- ALAS-2023-1735
- ALAS2-2023-1987
- ALAS2-2023-2027
- ALSA-2023:2458
- ALSA-2023:2951
- ALSA-2023:3723
- ALSA-2023:4377
- ALSA-2023:4517
- ALSA-2023:7077
- ALSA-2024:0113
- ALSA-2024:0897
- DSA-5448-1
- DSA-5480-1
- DSA-5492-1
- ELSA-2023-12226
- ELSA-2023-12255
- ELSA-2023-12256
- ELSA-2023-12375
- ELSA-2023-12974
- ELSA-2023-13001
- ELSA-2023-13005
- ELSA-2023-2458
- ELSA-2023-2951
- ELSA-2023-3723
- ELSA-2023-4377
- ELSA-2023-4517
- ELSA-2023-6583
- ELSA-2023-7077
- ELSA-2024-0461
- ELSA-2024-0897
- ELSA-2024-12069
- ELSA-2024-12094
- ELSA-2024-12169
- ELSA-2024-12187
- ELSA-2024-12354
- FEDORA-2023-00393126a0
- FEDORA-2023-26325e5399
- FEDORA-2023-3fd7349f60
- FEDORA-2023-98251cef79
- FEDORA-2023-c46eb02bbf
- FEDORA-2023-d525cf5272
- FEDORA-2023-dfd4a6e8f2
- FEDORA-2023-f4f9182dc8
- RHSA-2022:7933
- RHSA-2022:8267
- RHSA-2023:2148
- RHSA-2023:2458
- RHSA-2023:2736
- RHSA-2023:2951
- RHSA-2023:3708
- RHSA-2023:3723
- RHSA-2023:4377
- RHSA-2023:4378
- RHSA-2023:4517
- RHSA-2023:4541
- RHSA-2023:6901
- RHSA-2023:7077
- RHSA-2024:0113
- RHSA-2024:0134
- RHSA-2024:0881
- RHSA-2024:0897
- RLSA-2023:4517
- SSA:2023-172-02
- SSA:2023-325-01
- SUSE-SU-2023:1894-1
- SUSE-SU-2023:1895-1
- SUSE-SU-2023:1897-1
- SUSE-SU-2023:1992-1
- SUSE-SU-2023:2140-1
- SUSE-SU-2023:2141-1
- SUSE-SU-2023:2146-1
- SUSE-SU-2023:2148-1
- SUSE-SU-2023:2151-1
- SUSE-SU-2023:2156-1
- SUSE-SU-2023:2162-1
- SUSE-SU-2023:2163-1
- SUSE-SU-2023:2231-1
- SUSE-SU-2023:2232-1
- SUSE-SU-2023:2368-1
- SUSE-SU-2023:2369-1
- SUSE-SU-2023:2371-1
- SUSE-SU-2023:2376-1
- SUSE-SU-2023:2384-1
- SUSE-SU-2023:2386-1
- SUSE-SU-2023:2389-1
- SUSE-SU-2023:2395-1
- SUSE-SU-2023:2399-1
- SUSE-SU-2023:2401-1
- SUSE-SU-2023:2405-1
- SUSE-SU-2023:2415-1
- SUSE-SU-2023:2416-1
- SUSE-SU-2023:2420-1
- SUSE-SU-2023:2422-1
- SUSE-SU-2023:2423-1
- SUSE-SU-2023:2425-1
- SUSE-SU-2023:2428-1
- SUSE-SU-2023:2431-1
- SUSE-SU-2023:2442-1
- SUSE-SU-2023:2443-1
- SUSE-SU-2023:2448-1
- SUSE-SU-2023:2453-1
- SUSE-SU-2023:2455-1
- SUSE-SU-2023:2459-1
- SUSE-SU-2023:2468-1
- SUSE-SU-2023:2500-1
- SUSE-SU-2023:2501-1
- SUSE-SU-2023:2506-1
- SUSE-SU-2023:2507-1
- SUSE-SU-2023:2534-1
- SUSE-SU-2023:2537-1
- SUSE-SU-2023:2538-1
- SUSE-SU-2023:2646-1
- SUSE-SU-2023:2651-1
- SUSE-SU-2023:2653-1
- SUSE-SU-2023:2782-1
- SUSE-SU-2023:2805-1
- SUSE-SU-2023:2809-1
- SUSE-SU-2023:2871-1
- SUSE-SU-2023:3566-1
- SUSE-SU-2023:3576-1
- SUSE-SU-2023:3582-1
- SUSE-SU-2023:3592-1
- SUSE-SU-2023:3594-1
- SUSE-SU-2023:3595-1
- SUSE-SU-2023:3596-1
- SUSE-SU-2023:3603-1
- SUSE-SU-2023:3607-1
- SUSE-SU-2023:3612-1
- SUSE-SU-2023:3623-1
- SUSE-SU-2023:3627-1
- SUSE-SU-2023:3629-1
- SUSE-SU-2023:3630-1
- SUSE-SU-2023:3644-1
- SUSE-SU-2023:3647-1
- SUSE-SU-2023:3668-1
- SUSE-SU-2023:3671-1
- SUSE-SU-2024:2010-1
- SUSE-SU-2024:2183-1
- SUSE-SU-2024:2185-1
- USN-5970-1
- USN-5976-1
- USN-5977-1
- USN-5978-1
- USN-5979-1
- USN-5980-1
- USN-5982-1
- USN-5985-1
- USN-5987-1
- USN-6004-1
- USN-6020-1
- USN-6033-1
- USN-6044-1
- USN-6045-1
- USN-6051-1
- USN-6070-1
- USN-6079-1
- USN-6080-1
- USN-6081-1
- USN-6084-1
- USN-6085-1
- USN-6090-1
- USN-6091-1
- USN-6092-1
- USN-6094-1
- USN-6095-1
- USN-6096-1
- USN-6107-1
- USN-6109-1
- USN-6118-1
- USN-6123-1
- USN-6124-1
- USN-6132-1
- USN-6133-1
- USN-6134-1
- USN-6151-1
- USN-6171-1
- USN-6172-1
- USN-6175-1
- USN-6185-1
- USN-6186-1
- USN-6187-1
- USN-6194-1
- USN-6206-1
- USN-6207-1
- USN-6221-1
- USN-6222-1
- USN-6223-1
- USN-6224-1
- USN-6228-1
- USN-6231-1
- USN-6235-1
- USN-6252-1
- USN-6254-1
- USN-6256-1
- USN-6284-1
- USN-6300-1
- USN-6301-1
- USN-6311-1
- USN-6312-1
- USN-6314-1
- USN-6331-1
- USN-6332-1
- USN-6337-1
- USN-6347-1
- USN-6385-1
- USN-6739-1
- USN-6740-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/suse/kernel-rt?arch=x86_64&distro=slem-5 | suse | kernel-rt | < 5.3.18-150300.127.1 | slem-5 | x86_64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |