Main Vulnerability Database SB2023071423

SB2023071423 - SUSE update for the Linux Kernel

Published: July 14, 2023

Security Bulletin ID SB2023071423

Severity

Low

Patch available

YES

Number of vulnerabilities 12

Exploitation vector Physical access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 12 secuirty vulnerabilities.

1) Use-after-free (CVE-ID: CVE-2023-1079)

The vulnerability allows an attacker to compromise the vulnerable system.

The vulnerability exists due to a use-after-free error within the asus_kbd_backlight_set() function when plugging in a malicious USB device. An attacker with physical access to the system can inject a malicious USB device, trigger a use-after-free error and execute arbitrary code.

2) Use-after-free (CVE-ID: CVE-2023-1249)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the core dump subsystem in Linux kernel. A local user can trigger a use-after-free error and crash the kernel.

3) Information exposure through microarchitectural state after transient execution (CVE-ID: CVE-2023-1637)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due speculative execution behavior in the Linux kernel X86 CPU Power management options functionality. A local user can gain access to sensitive information.

4) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2023-2002)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper permissions check in the Bluetooth subsystem when handling ioctl system calls of HCI sockets. A local user can acquire a trusted socket, leading to unauthorized execution of management commands.

5) Out-of-bounds write (CVE-ID: CVE-2023-3090)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the ipvlan network driver in Linux kernel. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.

6) Use-after-free (CVE-ID: CVE-2023-3111)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the prepare_to_relocate() function in fs/btrfs/relocation.c in btrfs in the Linux Kernel. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

7) Use-after-free (CVE-ID: CVE-2023-3141)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the r592_remove() function of drivers/memstick/host/r592.c in media access in the Linux kernel. A local user can trigger a use-after-free error and escalate privileges on the system.

8) Use-after-free (CVE-ID: CVE-2023-3159)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the outbound_phy_packet_callback() function in driver/firewire in Linux kernel. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

9) Incorrect calculation (CVE-ID: CVE-2023-3161)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect calculation in the Framebuffer Console (fbcon) in the Linux kernel. A local user can perform a denial of service (DoS) attack.

10) Out-of-bounds read (CVE-ID: CVE-2023-3268)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the relay_file_read_start_pos() function in kernel/relay.c in the relayfs. A local user can trigger an out-of-bounds read error and read contents of memory on the system or crash the kernel.

11) NULL pointer dereference (CVE-ID: CVE-2023-3358)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the Linux kernel's Integrated Sensor Hub (ISH) driver. A local user and perform a denial of service (DoS) attack.

12) Use-after-free (CVE-ID: CVE-2023-35824)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the dm1105_remove() function in drivers/media/pci/dm1105/dm1105.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Remediation

Install update from vendor's website.

References

https://www.suse.com/support/update/announcement/2023/suse-su-20232830-1/

Vulnerable Software

SUSE Linux Enterprise Live Patching: 15-SP1
SUSE Linux Enterprise Server 15 SP1 Business Critical Linux: 15-SP1
SUSE Linux Enterprise High Availability Extension 15: SP1
SUSE Linux Enterprise Server for SAP Applications 15: SP1
SUSE Linux Enterprise Server 15 SP1 LTSS: 15-SP1
SUSE Linux Enterprise Server 15: SP1
SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS: 15-SP1
SUSE Linux Enterprise High Performance Computing 15: SP1
openSUSE Leap: 15.4 - 15.5
SUSE Manager Proxy: 4.0
SUSE Manager Retail Branch Server: 4.0
SUSE Manager Server: 4.0
SUSE CaaS Platform: 4.0
kernel-zfcpdump-debugsource: before 4.12.14-150100.197.151.1
kernel-zfcpdump-debuginfo: before 4.12.14-150100.197.151.1
reiserfs-kmp-default-debuginfo: before 4.12.14-150100.197.151.1
reiserfs-kmp-default: before 4.12.14-150100.197.151.1
kernel-docs: before 4.12.14-150100.197.151.1
kernel-devel: before 4.12.14-150100.197.151.1
kernel-macros: before 4.12.14-150100.197.151.1
kernel-source: before 4.12.14-150100.197.151.1
kernel-default-devel: before 4.12.14-150100.197.151.1
kernel-obs-build: before 4.12.14-150100.197.151.1
kernel-syms: before 4.12.14-150100.197.151.1
kernel-default-devel-debuginfo: before 4.12.14-150100.197.151.1
kernel-obs-build-debugsource: before 4.12.14-150100.197.151.1
kernel-default-base: before 4.12.14-150100.197.151.1
dlm-kmp-default: before 4.12.14-150100.197.151.1
ocfs2-kmp-default-debuginfo: before 4.12.14-150100.197.151.1
gfs2-kmp-default-debuginfo: before 4.12.14-150100.197.151.1
cluster-md-kmp-default: before 4.12.14-150100.197.151.1
ocfs2-kmp-default: before 4.12.14-150100.197.151.1
gfs2-kmp-default: before 4.12.14-150100.197.151.1
dlm-kmp-default-debuginfo: before 4.12.14-150100.197.151.1
cluster-md-kmp-default-debuginfo: before 4.12.14-150100.197.151.1
kernel-livepatch-4_12_14-150100_197_151-default: before 1-150100.3.3.1
kernel-default-livepatch-devel: before 4.12.14-150100.197.151.1
kernel-default-livepatch: before 4.12.14-150100.197.151.1
kernel-default-debugsource: before 4.12.14-150100.197.151.1
kernel-default-debuginfo: before 4.12.14-150100.197.151.1
kernel-default-man: before 4.12.14-150100.197.151.1
kernel-zfcpdump-man: before 4.12.14-150100.197.151.1
kernel-vanilla: before 4.12.14-150100.197.151.1
kernel-kvmsmall-base: before 4.12.14-150100.197.151.1
kernel-kvmsmall-base-debuginfo: before 4.12.14-150100.197.151.1
kernel-vanilla-base: before 4.12.14-150100.197.151.1
kernel-vanilla-devel: before 4.12.14-150100.197.151.1
kernel-vanilla-livepatch-devel: before 4.12.14-150100.197.151.1
kernel-vanilla-base-debuginfo: before 4.12.14-150100.197.151.1
kernel-default-base-debuginfo: before 4.12.14-150100.197.151.1
kernel-vanilla-devel-debuginfo: before 4.12.14-150100.197.151.1
kernel-vanilla-debugsource: before 4.12.14-150100.197.151.1
kernel-vanilla-debuginfo: before 4.12.14-150100.197.151.1
kernel-debug-base-debuginfo: before 4.12.14-150100.197.151.1
kernel-debug-base: before 4.12.14-150100.197.151.1
kernel-debug: before 4.12.14-150100.197.151.1
kernel-zfcpdump: before 4.12.14-150100.197.151.1
kernel-kvmsmall: before 4.12.14-150100.197.151.1
kernel-default: before 4.12.14-150100.197.151.1