[SUSE-SU-2023:3079-1] Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP4)
Severity
Important
CVEs
3
Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-150400_24_18 fixes several issues.
The following security issues were fixed:
- CVE-2023-35788: Fixed an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets in fl_set_geneve_opt in net/sched/cls_flower.c (bsc#1212509).
- CVE-2023-2235: Fixed an use-after-free in the Performance Events system can be exploited to achieve local privilege escalation (bsc#1210987).
- CVE-2023-2002: Fixed a flaw that allowed an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication (bsc#1210566).
- ID
- SUSE-SU-2023:3079-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2023/suse-su-20233079-1/
- Published
-
2023-07-31T18:34:10
(13 months ago) - Modified
-
2023-07-31T18:34:10
(13 months ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS2-2023-2027
- ALSA-2023:3723
- ALSA-2023:4377
- ALSA-2023:4517
- ALSA-2023:5244
- DSA-5448-1
- DSA-5480-1
- ELSA-2023-3723
- ELSA-2023-4377
- ELSA-2023-4517
- ELSA-2023-4819
- ELSA-2023-5244
- ELSA-2024-2004
- MS:CVE-2023-2235
- RHSA-2023:3705
- RHSA-2023:3708
- RHSA-2023:3723
- RHSA-2023:4377
- RHSA-2023:4378
- RHSA-2023:4380
- RHSA-2023:4517
- RHSA-2023:4541
- RHSA-2023:4819
- RHSA-2023:4821
- RHSA-2023:4834
- RHSA-2023:5221
- RHSA-2023:5244
- RHSA-2023:5255
- RHSA-2024:2003
- RHSA-2024:2004
- RLSA-2023:4517
- RLSA-2023:5244
- SSA:2023-172-02
- SSA:2023-325-01
- SUSE-SU-2023:2140-1
- SUSE-SU-2023:2141-1
- SUSE-SU-2023:2231-1
- SUSE-SU-2023:2500-1
- SUSE-SU-2023:2646-1
- SUSE-SU-2023:2653-1
- SUSE-SU-2023:2782-1
- SUSE-SU-2023:2804-1
- SUSE-SU-2023:2808-1
- SUSE-SU-2023:2809-1
- SUSE-SU-2023:2810-1
- SUSE-SU-2023:2820-1
- SUSE-SU-2023:2822-1
- SUSE-SU-2023:2830-1
- SUSE-SU-2023:2831-1
- SUSE-SU-2023:2834-1
- SUSE-SU-2023:2859-1
- SUSE-SU-2023:2871-1
- SUSE-SU-2023:2892-1
- SUSE-SU-2023:3035-1
- SUSE-SU-2023:3036-1
- SUSE-SU-2023:3041-1
- SUSE-SU-2023:3046-1
- SUSE-SU-2023:3055-1
- SUSE-SU-2023:3063-1
- SUSE-SU-2023:3069-1
- SUSE-SU-2023:3073-1
- SUSE-SU-2023:3075-1
- SUSE-SU-2023:3076-1
- SUSE-SU-2023:3081-1
- SUSE-SU-2023:3083-1
- SUSE-SU-2023:3104-1
- SUSE-SU-2023:3107-1
- SUSE-SU-2023:3111-1
- SUSE-SU-2023:3115-1
- SUSE-SU-2023:3116-1
- SUSE-SU-2023:3153-1
- USN-6173-1
- USN-6175-1
- USN-6186-1
- USN-6192-1
- USN-6193-1
- USN-6194-1
- USN-6205-1
- USN-6206-1
- USN-6212-1
- USN-6220-1
- USN-6223-1
- USN-6234-1
- USN-6235-1
- USN-6256-1
- USN-6283-1
- USN-6300-1
- USN-6311-1
- USN-6332-1
- USN-6340-1
- USN-6340-2
- USN-6347-1
- USN-6349-1
- USN-6357-1
- USN-6385-1
- USN-6397-1
- USN-6701-1
- USN-6701-2
- USN-6701-3
- USN-6701-4
Source | # ID | Name | URL |
---|---|---|---|
Suse | SUSE ratings | https://www.suse.com/support/security/rating/ | |
Suse | URL of this CSAF notice | https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_3079-1.json | |
Suse | URL for SUSE-SU-2023:3079-1 | https://www.suse.com/support/update/announcement/2023/suse-su-20233079-1/ | |
Suse | E-Mail link for SUSE-SU-2023:3079-1 | https://lists.suse.com/pipermail/sle-security-updates/2023-July/015712.html | |
Bugzilla | SUSE Bug 1210566 | https://bugzilla.suse.com/1210566 | |
Bugzilla | SUSE Bug 1210987 | https://bugzilla.suse.com/1210987 | |
Bugzilla | SUSE Bug 1212509 | https://bugzilla.suse.com/1212509 | |
CVE | SUSE CVE CVE-2023-2002 page | https://www.suse.com/security/cve/CVE-2023-2002/ | |
CVE | SUSE CVE CVE-2023-2235 page | https://www.suse.com/security/cve/CVE-2023-2235/ | |
CVE | SUSE CVE CVE-2023-35788 page | https://www.suse.com/security/cve/CVE-2023-35788/ |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |