[SUSE-SU-2023:4802-1] Security update for the Linux Kernel (Live Patch 38 for SLE 15 SP2)
Severity
Important
CVEs
2
Security update for the Linux Kernel (Live Patch 38 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-150200_24_157 fixes several issues.
The following security issues were fixed:
- CVE-2023-4622: Fixed a use-after-free vulnerability in the Unix domain sockets component which could be exploited to achieve local privilege escalation (bsc#1215442).
- CVE-2023-2163: Fixed an incorrect verifier pruning in BPF that could lead to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. (bsc#1215519)
- ID
- SUSE-SU-2023:4802-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2023/suse-su-20234802-1/
- Published
-
2023-12-13T18:09:15
(9 months ago) - Modified
-
2023-12-13T18:09:15
(9 months ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS-2023-1838
- ALAS2-2023-2264
- ALSA-2023:7549
- ALSA-2024:0113
- DSA-5492-1
- ELSA-2023-7549
- ELSA-2024-0461
- ELSA-2024-12069
- ELSA-2024-12094
- ELSA-2024-2004
- MS:CVE-2023-4622
- RHSA-2023:7548
- RHSA-2023:7549
- RHSA-2023:7554
- RHSA-2024:0089
- RHSA-2024:0113
- RHSA-2024:0134
- RHSA-2024:0340
- RHSA-2024:1960
- RHSA-2024:2003
- RHSA-2024:2004
- RLSA-2023:7549
- SUSE-SU-2023:4030-1
- SUSE-SU-2023:4031-1
- SUSE-SU-2023:4032-1
- SUSE-SU-2023:4033-1
- SUSE-SU-2023:4035-1
- SUSE-SU-2023:4057-1
- SUSE-SU-2023:4058-1
- SUSE-SU-2023:4071-1
- SUSE-SU-2023:4072-1
- SUSE-SU-2023:4072-2
- SUSE-SU-2023:4093-1
- SUSE-SU-2023:4095-1
- SUSE-SU-2023:4142-1
- SUSE-SU-2023:4343-1
- SUSE-SU-2023:4345-1
- SUSE-SU-2023:4347-1
- SUSE-SU-2023:4348-1
- SUSE-SU-2023:4351-1
- SUSE-SU-2023:4358-1
- SUSE-SU-2023:4375-1
- SUSE-SU-2023:4377-1
- SUSE-SU-2023:4378-1
- SUSE-SU-2023:4414-1
- SUSE-SU-2023:4766-1
- SUSE-SU-2023:4775-1
- SUSE-SU-2023:4776-1
- SUSE-SU-2023:4795-1
- SUSE-SU-2023:4796-1
- SUSE-SU-2023:4799-1
- SUSE-SU-2023:4801-1
- SUSE-SU-2023:4805-1
- SUSE-SU-2023:4817-1
- SUSE-SU-2023:4820-1
- SUSE-SU-2023:4822-1
- SUSE-SU-2023:4831-1
- SUSE-SU-2023:4833-1
- SUSE-SU-2023:4835-1
- SUSE-SU-2023:4836-1
- SUSE-SU-2023:4839-1
- SUSE-SU-2023:4841-1
- SUSE-SU-2023:4847-1
- SUSE-SU-2023:4848-1
- SUSE-SU-2023:4849-1
- SUSE-SU-2023:4862-1
- SUSE-SU-2023:4863-1
- SUSE-SU-2023:4866-1
- SUSE-SU-2023:4867-1
- SUSE-SU-2023:4871-1
- SUSE-SU-2023:4872-1
- USN-6300-1
- USN-6311-1
- USN-6332-1
- USN-6340-1
- USN-6340-2
- USN-6347-1
- USN-6349-1
- USN-6357-1
- USN-6385-1
- USN-6397-1
- USN-6415-1
- USN-6439-1
- USN-6439-2
- USN-6440-1
- USN-6440-2
- USN-6440-3
- USN-6441-1
- USN-6441-2
- USN-6441-3
- USN-6442-1
- USN-6444-1
- USN-6444-2
- USN-6445-1
- USN-6445-2
- USN-6446-1
- USN-6446-2
- USN-6446-3
- USN-6466-1
Source | # ID | Name | URL |
---|---|---|---|
Suse | SUSE ratings | https://www.suse.com/support/security/rating/ | |
Suse | URL of this CSAF notice | https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_4802-1.json | |
Suse | URL for SUSE-SU-2023:4802-1 | https://www.suse.com/support/update/announcement/2023/suse-su-20234802-1/ | |
Suse | E-Mail link for SUSE-SU-2023:4802-1 | https://lists.suse.com/pipermail/sle-security-updates/2023-December/017336.html | |
Bugzilla | SUSE Bug 1215442 | https://bugzilla.suse.com/1215442 | |
Bugzilla | SUSE Bug 1215519 | https://bugzilla.suse.com/1215519 | |
CVE | SUSE CVE CVE-2023-2163 page | https://www.suse.com/security/cve/CVE-2023-2163/ | |
CVE | SUSE CVE CVE-2023-4622 page | https://www.suse.com/security/cve/CVE-2023-4622/ |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |