[SUSE-SU-2023:4028-1] Security update for the Linux Kernel

Severity: Important
Affected packages: 14
CVEs: 8

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security fixes and bug fixes.

The following security bugs were fixed:

  • CVE-2023-1077: Fixed a type confusion in pick_next_rt_entity() that could cause memory corruption (bsc#1208600).
  • CVE-2023-4623: Fixed a use-after-free issue in the HFSC network scheduler which could be exploited to achieve local privilege escalation (bsc#1215115).
  • CVE-2023-1192: Fixed use-after-free in cifs_demultiplex_thread() (bsc#1208995).
  • CVE-2023-20588: Fixed a potential data leak that could be triggered through a side channel when division by zero occurred on some AMD processors (bsc#1213927).
  • CVE-2023-4459: Fixed a NULL pointer dereference flaw in the vmxnet3 driver that may have allowed a local attacker with user privileges to cause a denial of service (bsc#1214451).
  • CVE-2023-3772: Fixed a flaw in the XFRM subsystem that may have allowed a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer leading to denial of service (bsc#1213666).
  • CVE-2023-2007: Removed the dpt_i2o driver due to security issues (bsc#1210448, jsc#PED-4579).
  • CVE-2023-4385: Fixed a NULL pointer dereference flaw in dbFree that may have allowed a local attacker to crash the system due to a missing sanity check (bsc#1214348).

ID: SUSE-SU-2023:4028-1
Severity: important
URL: https://www.suse.com/support/update/announcement/2023/suse-su-20234028-1/
Published: 2023-10-10T12:06:24
Modified: 2023-10-10T12:06:24
Rights: Copyright 2024 SUSE LLC. All rights reserved.

Other Advisories

| Source | Name | URL |
|---|---|---|
| Suse | SUSE ratings | https://www.suse.com/support/security/rating/ |
| Suse | URL of this CSAF notice | https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_4028-1.json |
| Suse | URL for SUSE-SU-2023:4028-1 | https://www.suse.com/support/update/announcement/2023/suse-su-20234028-1/ |
| Suse | E-Mail link for SUSE-SU-2023:4028-1 | https://lists.suse.com/pipermail/sle-security-updates/2023-October/016622.html |
| Bugzilla | SUSE Bug 1208600 | https://bugzilla.suse.com/1208600 |
| Bugzilla | SUSE Bug 1208995 | https://bugzilla.suse.com/1208995 |
| Bugzilla | SUSE Bug 1210448 | https://bugzilla.suse.com/1210448 |
| Bugzilla | SUSE Bug 1213666 | https://bugzilla.suse.com/1213666 |
| Bugzilla | SUSE Bug 1213927 | https://bugzilla.suse.com/1213927 |
| Bugzilla | SUSE Bug 1214348 | https://bugzilla.suse.com/1214348 |
| Bugzilla | SUSE Bug 1214451 | https://bugzilla.suse.com/1214451 |
| Bugzilla | SUSE Bug 1215115 | https://bugzilla.suse.com/1215115 |
| CVE | SUSE CVE CVE-2023-1077 page | https://www.suse.com/security/cve/CVE-2023-1077/ |
| CVE | SUSE CVE CVE-2023-1192 page | https://www.suse.com/security/cve/CVE-2023-1192/ |
| CVE | SUSE CVE CVE-2023-2007 page | https://www.suse.com/security/cve/CVE-2023-2007/ |
| CVE | SUSE CVE CVE-2023-20588 page | https://www.suse.com/security/cve/CVE-2023-20588/ |
| CVE | SUSE CVE CVE-2023-3772 page | https://www.suse.com/security/cve/CVE-2023-3772/ |
| CVE | SUSE CVE CVE-2023-4385 page | https://www.suse.com/security/cve/CVE-2023-4385/ |
| CVE | SUSE CVE CVE-2023-4459 page | https://www.suse.com/security/cve/CVE-2023-4459/ |
| CVE | SUSE CVE CVE-2023-4623 page | https://www.suse.com/security/cve/CVE-2023-4623/ |

| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/suse/kernel-xen?arch=x86_64&distro=sles-11&sp=4 | suse | kernel-xen | < 3.0.101-108.147.1 | sles-11 | x86_64 | |
| Affected | pkg:rpm/suse/kernel-xen-devel?arch=x86_64&distro=sles-11&sp=4 | suse | kernel-xen-devel | < 3.0.101-108.147.1 | sles-11 | x86_64 | |
| Affected | pkg:rpm/suse/kernel-xen-base?arch=x86_64&distro=sles-11&sp=4 | suse | kernel-xen-base | < 3.0.101-108.147.1 | sles-11 | x86_64 | |
| Affected | pkg:rpm/suse/kernel-trace?arch=x86_64&distro=sles-11&sp=4 | suse | kernel-trace | < 3.0.101-108.147.1 | sles-11 | x86_64 | |
| Affected | pkg:rpm/suse/kernel-trace-devel?arch=x86_64&distro=sles-11&sp=4 | suse | kernel-trace-devel | < 3.0.101-108.147.1 | sles-11 | x86_64 | |
| Affected | pkg:rpm/suse/kernel-trace-base?arch=x86_64&distro=sles-11&sp=4 | suse | kernel-trace-base | < 3.0.101-108.147.1 | sles-11 | x86_64 | |
| Affected | pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sles-11&sp=4 | suse | kernel-syms | < 3.0.101-108.147.1 | sles-11 | x86_64 | |
| Affected | pkg:rpm/suse/kernel-source?arch=x86_64&distro=sles-11&sp=4 | suse | kernel-source | < 3.0.101-108.147.1 | sles-11 | x86_64 | |
| Affected | pkg:rpm/suse/kernel-ec2?arch=x86_64&distro=sles-11&sp=4 | suse | kernel-ec2 | < 3.0.101-108.147.1 | sles-11 | x86_64 | |
| Affected | pkg:rpm/suse/kernel-ec2-devel?arch=x86_64&distro=sles-11&sp=4 | suse | kernel-ec2-devel | < 3.0.101-108.147.1 | sles-11 | x86_64 | |
| Affected | pkg:rpm/suse/kernel-ec2-base?arch=x86_64&distro=sles-11&sp=4 | suse | kernel-ec2-base | < 3.0.101-108.147.1 | sles-11 | x86_64 | |
| Affected | pkg:rpm/suse/kernel-default?arch=x86_64&distro=sles-11&sp=4 | suse | kernel-default | < 3.0.101-108.147.1 | sles-11 | x86_64 | |
| Affected | pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sles-11&sp=4 | suse | kernel-default-devel | < 3.0.101-108.147.1 | sles-11 | x86_64 | |
| Affected | pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=sles-11&sp=4 | suse | kernel-default-base | < 3.0.101-108.147.1 | sles-11 | x86_64 | |