csaf_suse - suse-su-2023:2401-1

suse-su-2023:2401-1

Vulnerability from csaf_suse

Published

2023-06-06 15:10

Modified

2023-06-06 15:10

Summary

Security update for the Linux Kernel (Live Patch 31 for SLE 15 SP3)

Notes

Title of the patch

Security update for the Linux Kernel (Live Patch 31 for SLE 15 SP3)

Description of the patch

This update for the Linux Kernel 5.3.18-150300_59_118 fixes several issues. The following security issues were fixed: - CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210500). - CVE-2023-1872: Fixed a use after free vulnerability in the io_uring subsystem, which could lead to local privilege escalation (bsc#1210417). - CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210662). - CVE-2023-23454: Fixed a type-confusion in the CBQ network scheduler (bsc#1207188).

Patchnames

SUSE-2023-2401,SUSE-SLE-Module-Live-Patching-15-SP2-2023-2401,SUSE-SLE-Module-Live-Patching-15-SP3-2023-2419

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel (Live Patch 31 for SLE 15 SP3)",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for the Linux Kernel 5.3.18-150300_59_118 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210500).\n- CVE-2023-1872: Fixed a use after free vulnerability in the io_uring subsystem, which could lead to local privilege escalation (bsc#1210417).\n- CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210662).\n- CVE-2023-23454: Fixed a type-confusion in the CBQ network scheduler (bsc#1207188).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2023-2401,SUSE-SLE-Module-Live-Patching-15-SP2-2023-2401,SUSE-SLE-Module-Live-Patching-15-SP3-2023-2419",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2401-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2023:2401-1",
        "url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232401-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2023:2401-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-June/015098.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1207188",
        "url": "https://bugzilla.suse.com/1207188"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1210417",
        "url": "https://bugzilla.suse.com/1210417"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1210500",
        "url": "https://bugzilla.suse.com/1210500"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1210662",
        "url": "https://bugzilla.suse.com/1210662"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-1872 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-1872/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-1989 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-1989/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-2162 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-2162/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-23454 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-23454/"
      }
    ],
    "title": "Security update for the Linux Kernel (Live Patch 31 for SLE 15 SP3)",
    "tracking": {
      "current_release_date": "2023-06-06T15:10:17Z",
      "generator": {
        "date": "2023-06-06T15:10:17Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2023:2401-1",
      "initial_release_date": "2023-06-06T15:10:17Z",
      "revision_history": [
        {
          "date": "2023-06-06T15:10:17Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.ppc64le",
                "product": {
                  "name": "kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.ppc64le",
                  "product_id": "kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.ppc64le",
                "product": {
                  "name": "kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.ppc64le",
                  "product_id": "kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.s390x",
                "product": {
                  "name": "kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.s390x",
                  "product_id": "kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.s390x",
                "product": {
                  "name": "kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.s390x",
                  "product_id": "kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.x86_64",
                "product": {
                  "name": "kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.x86_64",
                  "product_id": "kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_3_18-150200_24_148-preempt-2-150200.2.3.x86_64",
                "product": {
                  "name": "kernel-livepatch-5_3_18-150200_24_148-preempt-2-150200.2.3.x86_64",
                  "product_id": "kernel-livepatch-5_3_18-150200_24_148-preempt-2-150200.2.3.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.x86_64",
                "product": {
                  "name": "kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.x86_64",
                  "product_id": "kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Live Patching 15 SP2",
                "product": {
                  "name": "SUSE Linux Enterprise Live Patching 15 SP2",
                  "product_id": "SUSE Linux Enterprise Live Patching 15 SP2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-live-patching:15:sp2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Live Patching 15 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Live Patching 15 SP3",
                  "product_id": "SUSE Linux Enterprise Live Patching 15 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-live-patching:15:sp3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP2",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.ppc64le"
        },
        "product_reference": "kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.s390x as component of SUSE Linux Enterprise Live Patching 15 SP2",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.s390x"
        },
        "product_reference": "kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP2",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.x86_64"
        },
        "product_reference": "kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP3",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.ppc64le"
        },
        "product_reference": "kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.s390x as component of SUSE Linux Enterprise Live Patching 15 SP3",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.s390x"
        },
        "product_reference": "kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP3",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.x86_64"
        },
        "product_reference": "kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-1872",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-1872"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability in the Linux Kernel io_uring system can be exploited to achieve local privilege escalation.\n\nThe io_file_get_fixed function lacks the presence of ctx-\u003euring_lock which can lead to a Use-After-Free vulnerability due a race condition with fixed files getting unregistered.\n\nWe recommend upgrading past commit da24142b1ef9fd5d36b76e36bab328a5b27523e8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-1872",
          "url": "https://www.suse.com/security/cve/CVE-2023-1872"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210414 for CVE-2023-1872",
          "url": "https://bugzilla.suse.com/1210414"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210417 for CVE-2023-1872",
          "url": "https://bugzilla.suse.com/1210417"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-06-06T15:10:17Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-1872"
    },
    {
      "cve": "CVE-2023-1989",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-1989"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free flaw was found in btsdio_remove in drivers\\bluetooth\\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-1989",
          "url": "https://www.suse.com/security/cve/CVE-2023-1989"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210336 for CVE-2023-1989",
          "url": "https://bugzilla.suse.com/1210336"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210500 for CVE-2023-1989",
          "url": "https://bugzilla.suse.com/1210500"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213841 for CVE-2023-1989",
          "url": "https://bugzilla.suse.com/1213841"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213842 for CVE-2023-1989",
          "url": "https://bugzilla.suse.com/1213842"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1214128 for CVE-2023-1989",
          "url": "https://bugzilla.suse.com/1214128"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-06-06T15:10:17Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-1989"
    },
    {
      "cve": "CVE-2023-2162",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-2162"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-2162",
          "url": "https://www.suse.com/security/cve/CVE-2023-2162"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210647 for CVE-2023-2162",
          "url": "https://bugzilla.suse.com/1210647"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210662 for CVE-2023-2162",
          "url": "https://bugzilla.suse.com/1210662"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213841 for CVE-2023-2162",
          "url": "https://bugzilla.suse.com/1213841"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213842 for CVE-2023-2162",
          "url": "https://bugzilla.suse.com/1213842"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1214128 for CVE-2023-2162",
          "url": "https://bugzilla.suse.com/1214128"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1222212 for CVE-2023-2162",
          "url": "https://bugzilla.suse.com/1222212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-06-06T15:10:17Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-2162"
    },
    {
      "cve": "CVE-2023-23454",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-23454"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-23454",
          "url": "https://www.suse.com/security/cve/CVE-2023-23454"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1207036 for CVE-2023-23454",
          "url": "https://bugzilla.suse.com/1207036"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1207188 for CVE-2023-23454",
          "url": "https://bugzilla.suse.com/1207188"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1208030 for CVE-2023-23454",
          "url": "https://bugzilla.suse.com/1208030"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1208044 for CVE-2023-23454",
          "url": "https://bugzilla.suse.com/1208044"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1208085 for CVE-2023-23454",
          "url": "https://bugzilla.suse.com/1208085"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1211833 for CVE-2023-23454",
          "url": "https://bugzilla.suse.com/1211833"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_148-default-2-150200.2.3.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_118-default-2-150300.2.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-06-06T15:10:17Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-23454"
    }
  ]
}

CVE-2023-23454 (GCVE-0-2023-23454)

Vulnerability from cvelistv5

Published

2023-01-12 00:00

Modified

2025-03-20 20:55

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE

Summary

cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).

References

►

URL

Tags

	https://www.openwall.com/lists/oss-security/2023/01/10/1
	https://www.openwall.com/lists/oss-security/2023/01/10/4
	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=caa4b35b4317d5147b3ab0fbdc9c075c7d2e9c12
	https://www.debian.org/security/2023/dsa-5324	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2023/03/msg00000.html	mailing-list
	https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html	mailing-list

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:28:40.976Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openwall.com/lists/oss-security/2023/01/10/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openwall.com/lists/oss-security/2023/01/10/4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=caa4b35b4317d5147b3ab0fbdc9c075c7d2e9c12"
          },
          {
            "name": "DSA-5324",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5324"
          },
          {
            "name": "[debian-lts-announce] 20230302 [SECURITY] [DLA 3349-1] linux-5.10 security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00000.html"
          },
          {
            "name": "[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-23454",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-06T15:57:34.523485Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-843",
                "description": "CWE-843 Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-20T20:55:38.435Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-03T00:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://www.openwall.com/lists/oss-security/2023/01/10/1"
        },
        {
          "url": "https://www.openwall.com/lists/oss-security/2023/01/10/4"
        },
        {
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=caa4b35b4317d5147b3ab0fbdc9c075c7d2e9c12"
        },
        {
          "name": "DSA-5324",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5324"
        },
        {
          "name": "[debian-lts-announce] 20230302 [SECURITY] [DLA 3349-1] linux-5.10 security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00000.html"
        },
        {
          "name": "[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-23454",
    "datePublished": "2023-01-12T00:00:00.000Z",
    "dateReserved": "2023-01-12T00:00:00.000Z",
    "dateUpdated": "2025-03-20T20:55:38.435Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-1989 (GCVE-0-2023-1989)

Vulnerability from cvelistv5

Published

2023-04-11 00:00

Modified

2024-08-26 13:09

Severity ?

7.1 (High) - CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-416

Summary

A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.

References

►

URL

Tags

	https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=f132c2d13088
	https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html	mailing-list
	https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html	mailing-list
	https://security.netapp.com/advisory/ntap-20230601-0004/
	https://www.debian.org/security/2023/dsa-5492	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html	mailing-list

Impacted products

	Vendor	Product	Version
	n/a	Kernel	Version: Linux kernel version prior to Kernel 6.3 RC4

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T06:05:27.122Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=f132c2d13088"
          },
          {
            "name": "[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html"
          },
          {
            "name": "[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20230601-0004/"
          },
          {
            "name": "DSA-5492",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5492"
          },
          {
            "name": "[debian-lts-announce] 20240111 [SECURITY] [DLA 3710-1] linux security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*",
              "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:*",
              "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*",
              "cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*",
              "cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "hci_baseboard_management_controller",
            "vendor": "netapp",
            "versions": [
              {
                "status": "affected",
                "version": "h300s"
              },
              {
                "status": "affected",
                "version": "h410c"
              },
              {
                "status": "affected",
                "version": "h410s"
              },
              {
                "status": "affected",
                "version": "h500s"
              },
              {
                "status": "affected",
                "version": "h700s"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "6.3+rc4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:debian:debian_linux:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "debian_linux",
            "vendor": "debian",
            "versions": [
              {
                "status": "affected",
                "version": "5.10.178-3"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "ADJACENT_NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.1,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-1989",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-10T04:00:19.103887Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-26T13:09:35.058Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Kernel",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Linux kernel version prior to Kernel 6.3 RC4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A use-after-free flaw was found in btsdio_remove in drivers\\bluetooth\\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-11T19:06:36.230942",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=f132c2d13088"
        },
        {
          "name": "[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html"
        },
        {
          "name": "[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20230601-0004/"
        },
        {
          "name": "DSA-5492",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5492"
        },
        {
          "name": "[debian-lts-announce] 20240111 [SECURITY] [DLA 3710-1] linux security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-1989",
    "datePublished": "2023-04-11T00:00:00",
    "dateReserved": "2023-04-11T00:00:00",
    "dateUpdated": "2024-08-26T13:09:35.058Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-2162 (GCVE-0-2023-2162)

Vulnerability from cvelistv5

Published

2023-04-19 00:00

Modified

2025-03-19 15:32

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE

CWE-416

Summary

A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.

References

►

URL

Tags

	https://www.spinics.net/lists/linux-scsi/msg181542.html
	https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html	mailing-list
	https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html	mailing-list

Impacted products

	Vendor	Product	Version
	n/a	Kernel	Version: Linux Kernel version prior to Kernel 6.2 RC6

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T06:12:20.601Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.spinics.net/lists/linux-scsi/msg181542.html"
          },
          {
            "name": "[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html"
          },
          {
            "name": "[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "NONE",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-2162",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-06T15:56:12.536478Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-19T15:32:43.543Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Kernel",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Linux Kernel version prior to Kernel 6.2 RC6"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-03T13:06:42.883Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://www.spinics.net/lists/linux-scsi/msg181542.html"
        },
        {
          "name": "[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html"
        },
        {
          "name": "[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-2162",
    "datePublished": "2023-04-19T00:00:00.000Z",
    "dateReserved": "2023-04-18T00:00:00.000Z",
    "dateUpdated": "2025-03-19T15:32:43.543Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-1872 (GCVE-0-2023-1872)

Vulnerability from cvelistv5

Published

2023-04-12 15:40

Modified

2025-02-13 16:39

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-416 - Use After Free

Summary

A use-after-free vulnerability in the Linux Kernel io_uring system can be exploited to achieve local privilege escalation. The io_file_get_fixed function lacks the presence of ctx->uring_lock which can lead to a Use-After-Free vulnerability due a race condition with fixed files getting unregistered. We recommend upgrading past commit da24142b1ef9fd5d36b76e36bab328a5b27523e8.

References

►

URL

Tags

	https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.10.y&id=08681391b84da27133deefaaddefd0acfa90c2be
	https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.10.y&id=da24142b1ef9fd5d36b76e36bab328a5b27523e8
	https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html
	https://security.netapp.com/advisory/ntap-20230601-0002/
	http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html

Impacted products

	Vendor	Product	Version
	Linux	Linux Kernel	Version: 5.7 <

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T06:05:26.723Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.10.y\u0026id=08681391b84da27133deefaaddefd0acfa90c2be"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.10.y\u0026id=da24142b1ef9fd5d36b76e36bab328a5b27523e8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20230601-0002/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Linux Kernel",
          "repo": "https://git.kernel.org",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.17",
              "status": "affected",
              "version": "5.7",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Bing-Jhong Billy Jheng of Starlabs"
        }
      ],
      "datePublic": "2023-03-03T10:45:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA use-after-free vulnerability in the Linux Kernel io_uring system can be exploited to achieve local privilege escalation.\u003c/p\u003e\u003cp\u003eThe io_file_get_fixed function lacks the presence of ctx-\u0026gt;uring_lock which can lead to a Use-After-Free vulnerability due a race condition with fixed files getting unregistered.\u003c/p\u003e\u003cp\u003eWe recommend upgrading past commit da24142b1ef9fd5d36b76e36bab328a5b27523e8.\u003c/p\u003e"
            }
          ],
          "value": "A use-after-free vulnerability in the Linux Kernel io_uring system can be exploited to achieve local privilege escalation.\n\nThe io_file_get_fixed function lacks the presence of ctx-\u003euring_lock which can lead to a Use-After-Free vulnerability due a race condition with fixed files getting unregistered.\n\nWe recommend upgrading past commit da24142b1ef9fd5d36b76e36bab328a5b27523e8."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-233",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-233 Privilege Escalation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416 Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-22T14:06:34.098Z",
        "orgId": "14ed7db2-1595-443d-9d34-6215bf890778",
        "shortName": "Google"
      },
      "references": [
        {
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.10.y\u0026id=08681391b84da27133deefaaddefd0acfa90c2be"
        },
        {
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.10.y\u0026id=da24142b1ef9fd5d36b76e36bab328a5b27523e8"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20230601-0002/"
        },
        {
          "url": "http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Use-after-free in Linux kernel\u0027s io_uring subsystem",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778",
    "assignerShortName": "Google",
    "cveId": "CVE-2023-1872",
    "datePublished": "2023-04-12T15:40:42.386Z",
    "dateReserved": "2023-04-05T13:26:00.875Z",
    "dateUpdated": "2025-02-13T16:39:40.499Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

suse-su-2023:2401-1

Vulnerability from csaf_suse

CVE-2023-23454 (GCVE-0-2023-23454)

Vulnerability from cvelistv5

CVE-2023-1989 (GCVE-0-2023-1989)

Vulnerability from cvelistv5

CVE-2023-2162 (GCVE-0-2023-2162)

Vulnerability from cvelistv5

CVE-2023-1872 (GCVE-0-2023-1872)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature