[SUSE-SU-2023:2689-1] Security update for the Linux Kernel (Live Patch 41 for SLE 12 SP5)
Severity
Important
CVEs
3
Security update for the Linux Kernel (Live Patch 41 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122_153 fixes several issues.
The following security issues were fixed:
- CVE-2023-31436: Fixed an out-of-bounds write in qfq_change_class() because lmax can exceed QFQ_MIN_LMAX (bsc#1210989).
- CVE-2023-1390: Fixed remote DoS vulnerability in tipc_link_xmit() (bsc#1210779).
- CVE-2023-28466: Fixed race condition that could lead to use-after-free or NULL pointer dereference in do_tls_getsockopt in net/tls/tls_main.c (bsc#1210452).
- ID
- SUSE-SU-2023:2689-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2023/suse-su-20232689-1/
- Published
-
2023-06-28T14:07:11
(14 months ago) - Modified
-
2023-06-28T14:07:11
(14 months ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS-2021-1480
- ALAS-2023-1744
- ALAS-2023-1773
- ALAS2-2021-1600
- ALAS2-2023-2035
- ALAS2-2023-2100
- ALSA-2023:3723
- ALSA-2023:3819
- ALSA-2023:3847
- ALSA-2023:7077
- DSA-5402-1
- ELSA-2023-3723
- ELSA-2023-3847
- ELSA-2023-7077
- ELSA-2024-1831
- MS:CVE-2023-31436
- RHSA-2021:1578
- RHSA-2021:1739
- RHSA-2023:3708
- RHSA-2023:3723
- RHSA-2023:3819
- RHSA-2023:3847
- RHSA-2023:6901
- RHSA-2023:7077
- RHSA-2024:1323
- RLSA-2023:3847
- SSA:2023-172-02
- SUSE-SU-2023:1800-1
- SUSE-SU-2023:1801-1
- SUSE-SU-2023:1802-1
- SUSE-SU-2023:1803-1
- SUSE-SU-2023:1811-1
- SUSE-SU-2023:1848-1
- SUSE-SU-2023:1892-1
- SUSE-SU-2023:1894-1
- SUSE-SU-2023:1897-1
- SUSE-SU-2023:1992-1
- SUSE-SU-2023:2232-1
- SUSE-SU-2023:2500-1
- SUSE-SU-2023:2501-1
- SUSE-SU-2023:2502-1
- SUSE-SU-2023:2507-1
- SUSE-SU-2023:2534-1
- SUSE-SU-2023:2537-1
- SUSE-SU-2023:2538-1
- SUSE-SU-2023:2611-1
- SUSE-SU-2023:2646-1
- SUSE-SU-2023:2651-1
- SUSE-SU-2023:2653-1
- SUSE-SU-2023:2660-1
- SUSE-SU-2023:2666-1
- SUSE-SU-2023:2679-1
- SUSE-SU-2023:2680-1
- SUSE-SU-2023:2681-1
- SUSE-SU-2023:2686-1
- SUSE-SU-2023:2687-1
- SUSE-SU-2023:2690-1
- SUSE-SU-2023:2694-1
- SUSE-SU-2023:2695-1
- SUSE-SU-2023:2697-1
- SUSE-SU-2023:2698-1
- SUSE-SU-2023:2700-1
- SUSE-SU-2023:2701-1
- SUSE-SU-2023:2702-1
- SUSE-SU-2023:2703-1
- SUSE-SU-2023:2708-1
- SUSE-SU-2023:2709-1
- SUSE-SU-2023:2710-1
- SUSE-SU-2023:2714-1
- SUSE-SU-2023:2718-1
- SUSE-SU-2023:2719-1
- SUSE-SU-2023:2720-1
- SUSE-SU-2023:2721-1
- SUSE-SU-2023:2724-1
- SUSE-SU-2023:2727-1
- SUSE-SU-2023:2731-1
- SUSE-SU-2023:2734-1
- SUSE-SU-2023:2735-1
- SUSE-SU-2023:2741-1
- SUSE-SU-2023:2743-1
- SUSE-SU-2023:2755-1
- SUSE-SU-2023:2782-1
- SUSE-SU-2023:2805-1
- SUSE-SU-2023:2809-1
- SUSE-SU-2023:2871-1
- USN-6033-1
- USN-6045-1
- USN-6127-1
- USN-6130-1
- USN-6131-1
- USN-6132-1
- USN-6135-1
- USN-6149-1
- USN-6150-1
- USN-6162-1
- USN-6173-1
- USN-6175-1
- USN-6186-1
- USN-6222-1
- USN-6256-1
- USN-6284-1
- USN-6300-1
- USN-6301-1
- USN-6311-1
- USN-6312-1
- USN-6314-1
- USN-6331-1
- USN-6332-1
- USN-6337-1
- USN-6347-1
- USN-6385-1
- USN-6460-1
Source | # ID | Name | URL |
---|---|---|---|
Suse | SUSE ratings | https://www.suse.com/support/security/rating/ | |
Suse | URL of this CSAF notice | https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2689-1.json | |
Suse | URL for SUSE-SU-2023:2689-1 | https://www.suse.com/support/update/announcement/2023/suse-su-20232689-1/ | |
Suse | E-Mail link for SUSE-SU-2023:2689-1 | https://lists.suse.com/pipermail/sle-updates/2023-June/030112.html | |
Bugzilla | SUSE Bug 1210452 | https://bugzilla.suse.com/1210452 | |
Bugzilla | SUSE Bug 1210779 | https://bugzilla.suse.com/1210779 | |
Bugzilla | SUSE Bug 1210989 | https://bugzilla.suse.com/1210989 | |
CVE | SUSE CVE CVE-2023-1390 page | https://www.suse.com/security/cve/CVE-2023-1390/ | |
CVE | SUSE CVE CVE-2023-28466 page | https://www.suse.com/security/cve/CVE-2023-28466/ | |
CVE | SUSE CVE CVE-2023-31436 page | https://www.suse.com/security/cve/CVE-2023-31436/ |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |