[SUSE-SU-2024:0995-1] Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP5)
Severity
Important
CVEs
4
Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-150500_13_5 fixes several issues.
The following security issues were fixed:
- CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218487).
- CVE-2023-46813: Fixed a local privilege escalation with user-space programs that have access to MMIO regions (bsc#1216898).
- CVE-2023-39191: Fixed a lack of validation of dynamic pointers within user-supplied eBPF programs that may have allowed an attacker with CAP_BPF privileges to escalate privileges and execute arbitrary code. (bsc#1215863)
- CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218610).
- ID
- SUSE-SU-2024:0995-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2024/suse-su-20240995-1/
- Published
-
2024-03-26T09:33:27
(5 months ago) - Modified
-
2024-03-26T09:33:27
(5 months ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALSA-2024:0897
- ALSA-2024:3138
- DSA-5593-1
- DSA-5594-1
- ELSA-2023-6583
- ELSA-2024-0461
- ELSA-2024-0897
- ELSA-2024-12094
- ELSA-2024-12159
- ELSA-2024-12187
- ELSA-2024-2394
- ELSA-2024-3138
- MS:CVE-2023-46813
- RHSA-2024:0881
- RHSA-2024:0897
- RHSA-2024:2950
- RHSA-2024:3138
- RLSA-2024:3138
- SSA:2023-325-01
- SUSE-SU-2023:4343-1
- SUSE-SU-2023:4345-1
- SUSE-SU-2023:4351-1
- SUSE-SU-2023:4375-1
- SUSE-SU-2023:4414-1
- SUSE-SU-2023:4732-1
- SUSE-SU-2024:0110-1
- SUSE-SU-2024:0112-1
- SUSE-SU-2024:0113-1
- SUSE-SU-2024:0115-1
- SUSE-SU-2024:0117-1
- SUSE-SU-2024:0118-1
- SUSE-SU-2024:0120-1
- SUSE-SU-2024:0129-1
- SUSE-SU-2024:0141-1
- SUSE-SU-2024:0153-1
- SUSE-SU-2024:0154-1
- SUSE-SU-2024:0156-1
- SUSE-SU-2024:0160-1
- SUSE-SU-2024:0469-1
- SUSE-SU-2024:0514-1
- SUSE-SU-2024:0516-1
- SUSE-SU-2024:0986-1
- SUSE-SU-2024:0989-1
- SUSE-SU-2024:0991-1
- SUSE-SU-2024:1017-1
- SUSE-SU-2024:1023-1
- SUSE-SU-2024:1025-1
- SUSE-SU-2024:1028-1
- SUSE-SU-2024:1033-1
- SUSE-SU-2024:1039-1
- SUSE-SU-2024:1040-1
- SUSE-SU-2024:1045-1
- SUSE-SU-2024:1047-1
- SUSE-SU-2024:1053-1
- SUSE-SU-2024:1054-1
- SUSE-SU-2024:1063-1
- SUSE-SU-2024:1072-1
- SUSE-SU-2024:1097-1
- SUSE-SU-2024:1153-1
- SUSE-SU-2024:1276-1
- SUSE-SU-2024:1454-1
- SUSE-SU-2024:1465-1
- SUSE-SU-2024:1489-1
- SUSE-SU-2024:1708-1
- SUSE-SU-2024:1719-1
- SUSE-SU-2024:2008-1
- SUSE-SU-2024:2010-1
- SUSE-SU-2024:2019-1
- SUSE-SU-2024:2120-1
- SUSE-SU-2024:2135-1
- SUSE-SU-2024:2148-1
- SUSE-SU-2024:2183-1
- SUSE-SU-2024:2185-1
- SUSE-SU-2024:2189-1
- SUSE-SU-2024:2190-1
- SUSE-SU-2024:2343-1
- SUSE-SU-2024:2373-1
- SUSE-SU-2024:2740-1
- SUSE-SU-2024:2755-1
- SUSE-SU-2024:3034-1
- SUSE-SU-2024:3043-1
- USN-6533-1
- USN-6606-1
- USN-6624-1
- USN-6626-1
- USN-6626-2
- USN-6626-3
- USN-6628-1
- USN-6628-2
- USN-6639-1
- USN-6652-1
- USN-6680-1
- USN-6680-2
- USN-6680-3
- USN-6681-1
- USN-6681-2
- USN-6681-3
- USN-6681-4
- USN-6686-1
- USN-6686-2
- USN-6686-3
- USN-6686-4
- USN-6686-5
- USN-6705-1
- USN-6716-1
- USN-6739-1
- USN-6740-1
Source | # ID | Name | URL |
---|---|---|---|
Suse | SUSE ratings | https://www.suse.com/support/security/rating/ | |
Suse | URL of this CSAF notice | https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_0995-1.json | |
Suse | URL for SUSE-SU-2024:0995-1 | https://www.suse.com/support/update/announcement/2024/suse-su-20240995-1/ | |
Suse | E-Mail link for SUSE-SU-2024:0995-1 | https://lists.suse.com/pipermail/sle-security-updates/2024-March/018214.html | |
Bugzilla | SUSE Bug 1215887 | https://bugzilla.suse.com/1215887 | |
Bugzilla | SUSE Bug 1216898 | https://bugzilla.suse.com/1216898 | |
Bugzilla | SUSE Bug 1218487 | https://bugzilla.suse.com/1218487 | |
Bugzilla | SUSE Bug 1218610 | https://bugzilla.suse.com/1218610 | |
CVE | SUSE CVE CVE-2023-39191 page | https://www.suse.com/security/cve/CVE-2023-39191/ | |
CVE | SUSE CVE CVE-2023-46813 page | https://www.suse.com/security/cve/CVE-2023-46813/ | |
CVE | SUSE CVE CVE-2023-51779 page | https://www.suse.com/security/cve/CVE-2023-51779/ | |
CVE | SUSE CVE CVE-2023-6531 page | https://www.suse.com/security/cve/CVE-2023-6531/ |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |