SB2023111083 - SUSE update for the Linux Kernel
Published: November 10, 2023 Updated: May 13, 2024
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 11 secuirty vulnerabilities.
1) Out-of-bounds write (CVE-ID: CVE-2023-2163)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in BPF verifier caused by improper marking of
registers for precision tracking in certain situations. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
2) Out-of-bounds read (CVE-ID: CVE-2023-2860)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the SR-IPv6 implementation when processing seg6 attributes. A local user can trigger an out-of-bounds read error and read contents of memory on the system.
3) Division by zero (CVE-ID: CVE-2023-31085)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a divide by zero error within the drivers/mtd/ubi/cdev.c driver. A local user can perform a denial of service (DoS) attack.
4) Deadlock (CVE-ID: CVE-2023-34324)
The vulnerability allows a malicious guest to perform a denial of service (DoS) attack.
The vulnerability exists due to improper event handling in Linux kernel. A malicious guest can disable paravirtualized device to cause a deadlock in a backend domain (other than dom0).
5) Resource management error (CVE-ID: CVE-2023-3777)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper handling of table rules flush in certain circumstances within the netfilter subsystem in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack or execute arbitrary code with elevated privileges.
6) Out-of-bounds read (CVE-ID: CVE-2023-39189)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary condition within the nfnl_osf_add_callback() function in Linux kernel Netfilter. A local user with CAP_NET_ADMIN capability can trigger an out-of-bounds read error and execute arbitrary code with elevated privileges.
7) Input validation error (CVE-ID: CVE-2023-39191)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to insufficient validation of user-supplied input in the eBPF subsystem in the Linux kernel. A local user with CAP_BPF capability can execute arbitrary code with elevated privileges.
8) Out-of-bounds read (CVE-ID: CVE-2023-39193)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the sctp_mt_check() function in Netfilter subsystem in Linux kernel. A local user with CAP_NET_ADMIN capability can trigger an out-of-bounds read error and read contents of memory on the system.
9) Allocation of Resources Without Limits or Throttling (CVE-ID: CVE-2023-45862)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the ENE UB6250 reader driver in drivers/usb/storage/ene_ub6250.c. A local user can trigger a boundary error and perform a denial of service (DoS) attack.
10) Improper access control (CVE-ID: CVE-2023-46813)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper access checking in the #VC handler and instruction emulation of the SEV-ES emulation of MMIO accesses. A local user can gain arbitrary write access to kernel memory and execute arbitrary code with elevated privileges.
11) Use-after-free (CVE-ID: CVE-2023-5178)
The vulnerability allows a local authenticated user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the drivers/nvme/target/tcp.c in nvmet_tcp_free_crypto due to a logical bug in the NVMe-oF/TCP subsystem in the Linux kernel. A local authenticated user can trigger a use-after-free error and escalate privileges on the system.
Remediation
Install update from vendor's website.