SB2023051053 - SUSE update for the Linux Kernel 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2023051053

SB2023051053 - SUSE update for the Linux Kernel

Published: May 10, 2023 Updated: October 25, 2024

Security Bulletin ID SB2023051053
Severity
Medium
Patch available
YES
Number of vulnerabilities 15
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Medium 7% Low 93%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 15 secuirty vulnerabilities.


1) Uncontrolled Recursion (CVE-ID: CVE-2020-36691)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to uncontrolled recursion in lib/nlattr.c. A local user can use a nested Netlink policy with a back reference to crash the kernel.


2) Improper Initialization (CVE-ID: CVE-2022-2196)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper initialization within nVMX in Linux kernel. A local user can perform speculative execution attacks and escalate privileges on the system.


3) Buffer overflow (CVE-ID: CVE-2022-43945)

The vulnerability allows a remote attacker to perform a denial of service attacl.

The vulnerability exists due to a boundary error within the Linux kernel NFSD implementation. A remote attacker can send the RPC message over TCP with garbage data added at the end of the message, trigger memory corruption and perform a denial of service (DoS) attack.


4) Use-after-free (CVE-ID: CVE-2023-1611)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the btrfs_search_slot() function in fs/btrfs/ctree.c. A local user can trigger a use-after-free error and crash the kernel.


5) Use-after-free (CVE-ID: CVE-2023-1670)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the Xircom 16-bit PCMCIA (PC-card) Ethernet driver. A local user can trigger a use-after-free error and execute arbitrary code on the system.


6) Use-after-free (CVE-ID: CVE-2023-1838)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the vhost_net_set_backend() function in drivers/vhost/net.c. A local user can trigger a use-after-free error and crash the kernel.

7) Use-after-free (CVE-ID: CVE-2023-1855)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the xgene_hwmon_remove() function in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver (xgene-hwmon). A local user can trigger a use-after-free error and execute arbitrary code on the system.


8) Use-after-free (CVE-ID: CVE-2023-1872)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the io_file_get_fixed function. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.


9) Use-after-free (CVE-ID: CVE-2023-1989)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the btsdio_remove() function in driversluetoothtsdio.c. A local user can trigger a use-after-free error and escalate privileges on the system.


10) Use-after-free (CVE-ID: CVE-2023-1990)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the ndlc_remove() function in drivers/nfc/st-nci/ndlc.c. A local user can trigger a use-after-free error and perform a denial of service (DoS) attack.


11) Security features bypass (CVE-ID: CVE-2023-1998)

The vulnerability allows a local user to bypass implemented security restrictions.

The vulnerability exists due to incorrect implementation of the Spectre v2 SMT mitigations, related to calling prctl with PR_SET_SPECULATION_CTRL. An attacker can gain unauthorized access to kernel memory from userspace.


12) Improper validation of array index (CVE-ID: CVE-2023-2008)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to incorrect validation of array index within a fault handler in drivers/dma-buf/udmabuf.c. A local privileged user can execute arbitrary code with kernel privileges.


13) Use-after-free (CVE-ID: CVE-2023-2162)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a use-after-free error within the scsi_sw_tcp_session_create() function in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. A local user can trigger a use-after-free error and gain access to sensitive information.


14) Out-of-bounds read (CVE-ID: CVE-2023-2176)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the compare_netdev_and_ip() function in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. A local user can trigger an out-of-bounds read error and read contents of memory on the system.


15) Race condition (CVE-ID: CVE-2023-30772)

The vulnerability allows an attacker to compromise the affected system.

The vulnerability exists due to a race condition in rivers/power/supply/da9150-charger.c in Linux kernel. An attacker with physical access to device can trigger a race condition while unplugin the device and execute arbitrary code on the system.


Remediation

Install update from vendor's website.

References