suse-su-2024:0110-1
Vulnerability from csaf_suse
Published
2024-01-16 12:28
Modified
2024-01-16 12:28
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2020-26555: Fixed an issue during BR/EDR PIN code pairing in the Bluetooth subsystem that would allow replay attacks (bsc#1179610 bsc#1215237).
- CVE-2023-6121: Fixed an information leak via dmesg when receiving a crafted packet in the NVMe-oF/TCP subsystem (bsc#1217250).
- CVE-2023-6606: Fixed an out of bounds read in the SMB client when receiving a malformed length from a server (bsc#1217947).
- CVE-2023-6610: Fixed an out of bounds read in the SMB client when printing debug information (bsc#1217946).
- CVE-2023-6931: Fixed an out of bounds write in the Performance Events subsystem when adding a new event (bsc#1218258).
- CVE-2023-6932: Fixed a use-after-free issue when receiving an IGMP query packet due to reference count mismanagement (bsc#1218253).
- CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218559).
The following non-security bugs were fixed:
- Reviewed and added more information to README.SUSE (jsc#PED-5021).
- Enabled multibuild for kernel packages (JSC-SLE#5501, boo#1211226, bsc#1218184).
- clocksource: Avoid accidental unstable marking of clocksources (bsc#1218105).
- clocksource: Suspend the watchdog temporarily when high read latency detected (bsc#1218105).
- efi/mokvar: Reserve the table only if it is in boot services data (bsc#1215375).
Patchnames
SUSE-2024-110,SUSE-SUSE-MicroOS-5.1-2024-110,SUSE-SUSE-MicroOS-5.2-2024-110
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Security update for the Linux Kernel", "title": "Title of the patch" }, { "category": "description", "text": "The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2020-26555: Fixed an issue during BR/EDR PIN code pairing in the Bluetooth subsystem that would allow replay attacks (bsc#1179610 bsc#1215237).\n- CVE-2023-6121: Fixed an information leak via dmesg when receiving a crafted packet in the NVMe-oF/TCP subsystem (bsc#1217250).\n- CVE-2023-6606: Fixed an out of bounds read in the SMB client when receiving a malformed length from a server (bsc#1217947).\n- CVE-2023-6610: Fixed an out of bounds read in the SMB client when printing debug information (bsc#1217946).\n- CVE-2023-6931: Fixed an out of bounds write in the Performance Events subsystem when adding a new event (bsc#1218258).\n- CVE-2023-6932: Fixed a use-after-free issue when receiving an IGMP query packet due to reference count mismanagement (bsc#1218253).\n- CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218559).\n\nThe following non-security bugs were fixed:\n\n- Reviewed and added more information to README.SUSE (jsc#PED-5021).\n- Enabled multibuild for kernel packages (JSC-SLE#5501, boo#1211226, bsc#1218184).\n- clocksource: Avoid accidental unstable marking of clocksources (bsc#1218105).\n- clocksource: Suspend the watchdog temporarily when high read latency detected (bsc#1218105).\n- efi/mokvar: Reserve the table only if it is in boot services data (bsc#1215375).\n", 
"title": "Description of the patch" }, { "category": "details", "text": "SUSE-2024-110,SUSE-SUSE-MicroOS-5.1-2024-110,SUSE-SUSE-MicroOS-5.2-2024-110", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_0110-1.json" }, { "category": "self", "summary": "URL for SUSE-SU-2024:0110-1", "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20240110-1/" }, { "category": "self", "summary": "E-Mail link for SUSE-SU-2024:0110-1", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-January/017674.html" }, { "category": "self", "summary": "SUSE Bug 1179610", "url": "https://bugzilla.suse.com/1179610" }, { "category": "self", "summary": "SUSE Bug 1211226", "url": "https://bugzilla.suse.com/1211226" }, { "category": "self", "summary": "SUSE Bug 1215237", "url": "https://bugzilla.suse.com/1215237" }, { "category": "self", "summary": "SUSE Bug 1215375", "url": "https://bugzilla.suse.com/1215375" }, { "category": "self", "summary": "SUSE Bug 1217250", "url": "https://bugzilla.suse.com/1217250" }, { "category": "self", "summary": "SUSE Bug 1217709", "url": "https://bugzilla.suse.com/1217709" }, { "category": "self", "summary": "SUSE Bug 1217946", "url": "https://bugzilla.suse.com/1217946" }, { "category": "self", "summary": "SUSE Bug 1217947", "url": "https://bugzilla.suse.com/1217947" }, { "category": "self", "summary": "SUSE Bug 1218105", "url": 
"https://bugzilla.suse.com/1218105" }, { "category": "self", "summary": "SUSE Bug 1218184", "url": "https://bugzilla.suse.com/1218184" }, { "category": "self", "summary": "SUSE Bug 1218253", "url": "https://bugzilla.suse.com/1218253" }, { "category": "self", "summary": "SUSE Bug 1218258", "url": "https://bugzilla.suse.com/1218258" }, { "category": "self", "summary": "SUSE Bug 1218559", "url": "https://bugzilla.suse.com/1218559" }, { "category": "self", "summary": "SUSE CVE CVE-2020-26555 page", "url": "https://www.suse.com/security/cve/CVE-2020-26555/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-51779 page", "url": "https://www.suse.com/security/cve/CVE-2023-51779/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-6121 page", "url": "https://www.suse.com/security/cve/CVE-2023-6121/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-6606 page", "url": "https://www.suse.com/security/cve/CVE-2023-6606/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-6610 page", "url": "https://www.suse.com/security/cve/CVE-2023-6610/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-6931 page", "url": "https://www.suse.com/security/cve/CVE-2023-6931/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-6932 page", "url": "https://www.suse.com/security/cve/CVE-2023-6932/" } ], "title": "Security update for the Linux Kernel", "tracking": { "current_release_date": "2024-01-16T12:28:22Z", "generator": { "date": "2024-01-16T12:28:22Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "SUSE-SU-2024:0110-1", "initial_release_date": "2024-01-16T12:28:22Z", "revision_history": [ { "date": "2024-01-16T12:28:22Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "kernel-devel-rt-5.3.18-150300.155.1.noarch", "product": { "name": "kernel-devel-rt-5.3.18-150300.155.1.noarch", 
"product_id": "kernel-devel-rt-5.3.18-150300.155.1.noarch" } }, { "category": "product_version", "name": "kernel-source-rt-5.3.18-150300.155.1.noarch", "product": { "name": "kernel-source-rt-5.3.18-150300.155.1.noarch", "product_id": "kernel-source-rt-5.3.18-150300.155.1.noarch" } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "cluster-md-kmp-rt-5.3.18-150300.155.1.x86_64", "product": { "name": "cluster-md-kmp-rt-5.3.18-150300.155.1.x86_64", "product_id": "cluster-md-kmp-rt-5.3.18-150300.155.1.x86_64" } }, { "category": "product_version", "name": "cluster-md-kmp-rt_debug-5.3.18-150300.155.1.x86_64", "product": { "name": "cluster-md-kmp-rt_debug-5.3.18-150300.155.1.x86_64", "product_id": "cluster-md-kmp-rt_debug-5.3.18-150300.155.1.x86_64" } }, { "category": "product_version", "name": "dlm-kmp-rt-5.3.18-150300.155.1.x86_64", "product": { "name": "dlm-kmp-rt-5.3.18-150300.155.1.x86_64", "product_id": "dlm-kmp-rt-5.3.18-150300.155.1.x86_64" } }, { "category": "product_version", "name": "dlm-kmp-rt_debug-5.3.18-150300.155.1.x86_64", "product": { "name": "dlm-kmp-rt_debug-5.3.18-150300.155.1.x86_64", "product_id": "dlm-kmp-rt_debug-5.3.18-150300.155.1.x86_64" } }, { "category": "product_version", "name": "gfs2-kmp-rt-5.3.18-150300.155.1.x86_64", "product": { "name": "gfs2-kmp-rt-5.3.18-150300.155.1.x86_64", "product_id": "gfs2-kmp-rt-5.3.18-150300.155.1.x86_64" } }, { "category": "product_version", "name": "gfs2-kmp-rt_debug-5.3.18-150300.155.1.x86_64", "product": { "name": "gfs2-kmp-rt_debug-5.3.18-150300.155.1.x86_64", "product_id": "gfs2-kmp-rt_debug-5.3.18-150300.155.1.x86_64" } }, { "category": "product_version", "name": "kernel-rt-5.3.18-150300.155.1.x86_64", "product": { "name": "kernel-rt-5.3.18-150300.155.1.x86_64", "product_id": "kernel-rt-5.3.18-150300.155.1.x86_64" } }, { "category": "product_version", "name": "kernel-rt-devel-5.3.18-150300.155.1.x86_64", "product": { "name": 
"kernel-rt-devel-5.3.18-150300.155.1.x86_64", "product_id": "kernel-rt-devel-5.3.18-150300.155.1.x86_64" } }, { "category": "product_version", "name": "kernel-rt-extra-5.3.18-150300.155.1.x86_64", "product": { "name": "kernel-rt-extra-5.3.18-150300.155.1.x86_64", "product_id": "kernel-rt-extra-5.3.18-150300.155.1.x86_64" } }, { "category": "product_version", "name": "kernel-rt-livepatch-devel-5.3.18-150300.155.1.x86_64", "product": { "name": "kernel-rt-livepatch-devel-5.3.18-150300.155.1.x86_64", "product_id": "kernel-rt-livepatch-devel-5.3.18-150300.155.1.x86_64" } }, { "category": "product_version", "name": "kernel-rt-optional-5.3.18-150300.155.1.x86_64", "product": { "name": "kernel-rt-optional-5.3.18-150300.155.1.x86_64", "product_id": "kernel-rt-optional-5.3.18-150300.155.1.x86_64" } }, { "category": "product_version", "name": "kernel-rt_debug-5.3.18-150300.155.1.x86_64", "product": { "name": "kernel-rt_debug-5.3.18-150300.155.1.x86_64", "product_id": "kernel-rt_debug-5.3.18-150300.155.1.x86_64" } }, { "category": "product_version", "name": "kernel-rt_debug-devel-5.3.18-150300.155.1.x86_64", "product": { "name": "kernel-rt_debug-devel-5.3.18-150300.155.1.x86_64", "product_id": "kernel-rt_debug-devel-5.3.18-150300.155.1.x86_64" } }, { "category": "product_version", "name": "kernel-rt_debug-extra-5.3.18-150300.155.1.x86_64", "product": { "name": "kernel-rt_debug-extra-5.3.18-150300.155.1.x86_64", "product_id": "kernel-rt_debug-extra-5.3.18-150300.155.1.x86_64" } }, { "category": "product_version", "name": "kernel-rt_debug-livepatch-devel-5.3.18-150300.155.1.x86_64", "product": { "name": "kernel-rt_debug-livepatch-devel-5.3.18-150300.155.1.x86_64", "product_id": "kernel-rt_debug-livepatch-devel-5.3.18-150300.155.1.x86_64" } }, { "category": "product_version", "name": "kernel-rt_debug-optional-5.3.18-150300.155.1.x86_64", "product": { "name": "kernel-rt_debug-optional-5.3.18-150300.155.1.x86_64", "product_id": "kernel-rt_debug-optional-5.3.18-150300.155.1.x86_64" 
} }, { "category": "product_version", "name": "kernel-syms-rt-5.3.18-150300.155.1.x86_64", "product": { "name": "kernel-syms-rt-5.3.18-150300.155.1.x86_64", "product_id": "kernel-syms-rt-5.3.18-150300.155.1.x86_64" } }, { "category": "product_version", "name": "kselftests-kmp-rt-5.3.18-150300.155.1.x86_64", "product": { "name": "kselftests-kmp-rt-5.3.18-150300.155.1.x86_64", "product_id": "kselftests-kmp-rt-5.3.18-150300.155.1.x86_64" } }, { "category": "product_version", "name": "kselftests-kmp-rt_debug-5.3.18-150300.155.1.x86_64", "product": { "name": "kselftests-kmp-rt_debug-5.3.18-150300.155.1.x86_64", "product_id": "kselftests-kmp-rt_debug-5.3.18-150300.155.1.x86_64" } }, { "category": "product_version", "name": "ocfs2-kmp-rt-5.3.18-150300.155.1.x86_64", "product": { "name": "ocfs2-kmp-rt-5.3.18-150300.155.1.x86_64", "product_id": "ocfs2-kmp-rt-5.3.18-150300.155.1.x86_64" } }, { "category": "product_version", "name": "ocfs2-kmp-rt_debug-5.3.18-150300.155.1.x86_64", "product": { "name": "ocfs2-kmp-rt_debug-5.3.18-150300.155.1.x86_64", "product_id": "ocfs2-kmp-rt_debug-5.3.18-150300.155.1.x86_64" } }, { "category": "product_version", "name": "reiserfs-kmp-rt-5.3.18-150300.155.1.x86_64", "product": { "name": "reiserfs-kmp-rt-5.3.18-150300.155.1.x86_64", "product_id": "reiserfs-kmp-rt-5.3.18-150300.155.1.x86_64" } }, { "category": "product_version", "name": "reiserfs-kmp-rt_debug-5.3.18-150300.155.1.x86_64", "product": { "name": "reiserfs-kmp-rt_debug-5.3.18-150300.155.1.x86_64", "product_id": "reiserfs-kmp-rt_debug-5.3.18-150300.155.1.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux Enterprise Micro 5.1", "product": { "name": "SUSE Linux Enterprise Micro 5.1", "product_id": "SUSE Linux Enterprise Micro 5.1", "product_identification_helper": { "cpe": "cpe:/o:suse:suse-microos:5.1" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Micro 5.2", "product": { "name": "SUSE 
Linux Enterprise Micro 5.2", "product_id": "SUSE Linux Enterprise Micro 5.2", "product_identification_helper": { "cpe": "cpe:/o:suse:suse-microos:5.2" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-5.3.18-150300.155.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1", "product_id": "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.155.1.x86_64" }, "product_reference": "kernel-rt-5.3.18-150300.155.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-5.3.18-150300.155.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2", "product_id": "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.155.1.x86_64" }, "product_reference": "kernel-rt-5.3.18-150300.155.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-26555", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2020-26555" } ], "notes": [ { "category": "general", "text": "Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.155.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.155.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2020-26555", "url": "https://www.suse.com/security/cve/CVE-2020-26555" }, { "category": "external", "summary": "SUSE Bug 1179610 for CVE-2020-26555", "url": "https://bugzilla.suse.com/1179610" }, { "category": "external", "summary": "SUSE Bug 1215237 for 
CVE-2020-26555", "url": "https://bugzilla.suse.com/1215237" }, { "category": "external", "summary": "SUSE Bug 1220015 for CVE-2020-26555", "url": "https://bugzilla.suse.com/1220015" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.155.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.155.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.155.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.155.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-01-16T12:28:22Z", "details": "moderate" } ], "title": "CVE-2020-26555" }, { "cve": "CVE-2023-51779", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2023-51779" } ], "notes": [ { "category": "general", "text": "bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.155.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.155.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2023-51779", "url": "https://www.suse.com/security/cve/CVE-2023-51779" }, { "category": "external", "summary": "SUSE Bug 1218559 for CVE-2023-51779", "url": "https://bugzilla.suse.com/1218559" }, { "category": "external", "summary": "SUSE Bug 1218610 for CVE-2023-51779", "url": "https://bugzilla.suse.com/1218610" }, { "category": "external", "summary": "SUSE Bug 1220015 for CVE-2023-51779", "url": 
"https://bugzilla.suse.com/1220015" }, { "category": "external", "summary": "SUSE Bug 1220191 for CVE-2023-51779", "url": "https://bugzilla.suse.com/1220191" }, { "category": "external", "summary": "SUSE Bug 1221578 for CVE-2023-51779", "url": "https://bugzilla.suse.com/1221578" }, { "category": "external", "summary": "SUSE Bug 1221598 for CVE-2023-51779", "url": "https://bugzilla.suse.com/1221598" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.155.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.155.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.155.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.155.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-01-16T12:28:22Z", "details": "important" } ], "title": "CVE-2023-51779" }, { "cve": "CVE-2023-6121", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2023-6121" } ], "notes": [ { "category": "general", "text": "An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. 
This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the kernel ring buffer (dmesg).", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.155.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.155.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2023-6121", "url": "https://www.suse.com/security/cve/CVE-2023-6121" }, { "category": "external", "summary": "SUSE Bug 1217250 for CVE-2023-6121", "url": "https://bugzilla.suse.com/1217250" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.155.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.155.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.155.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.155.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-01-16T12:28:22Z", "details": "moderate" } ], "title": "CVE-2023-6121" }, { "cve": "CVE-2023-6606", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2023-6606" } ], "notes": [ { "category": "general", "text": "An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. 
This issue could allow a local attacker to crash the system or leak internal kernel information.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.155.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.155.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2023-6606", "url": "https://www.suse.com/security/cve/CVE-2023-6606" }, { "category": "external", "summary": "SUSE Bug 1217947 for CVE-2023-6606", "url": "https://bugzilla.suse.com/1217947" }, { "category": "external", "summary": "SUSE Bug 1220015 for CVE-2023-6606", "url": "https://bugzilla.suse.com/1220015" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.155.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.155.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.155.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.155.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-01-16T12:28:22Z", "details": "moderate" } ], "title": "CVE-2023-6606" }, { "cve": "CVE-2023-6610", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2023-6610" } ], "notes": [ { "category": "general", "text": "An out-of-bounds read vulnerability was found in smb2_dump_detail in fs/smb/client/smb2ops.c in the Linux Kernel. 
This issue could allow a local attacker to crash the system or leak internal kernel information.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.155.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.155.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2023-6610", "url": "https://www.suse.com/security/cve/CVE-2023-6610" }, { "category": "external", "summary": "SUSE Bug 1217946 for CVE-2023-6610", "url": "https://bugzilla.suse.com/1217946" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.155.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.155.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.155.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.155.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-01-16T12:28:22Z", "details": "moderate" } ], "title": "CVE-2023-6610" }, { "cve": "CVE-2023-6931", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2023-6931" } ], "notes": [ { "category": "general", "text": "A heap out-of-bounds write vulnerability in the Linux kernel\u0027s Performance Events system component can be exploited to achieve local privilege escalation.\n\nA perf_event\u0027s read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group().\n\nWe recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux 
Enterprise Micro 5.1:kernel-rt-5.3.18-150300.155.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.155.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2023-6931", "url": "https://www.suse.com/security/cve/CVE-2023-6931" }, { "category": "external", "summary": "SUSE Bug 1214158 for CVE-2023-6931", "url": "https://bugzilla.suse.com/1214158" }, { "category": "external", "summary": "SUSE Bug 1218258 for CVE-2023-6931", "url": "https://bugzilla.suse.com/1218258" }, { "category": "external", "summary": "SUSE Bug 1220191 for CVE-2023-6931", "url": "https://bugzilla.suse.com/1220191" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.155.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.155.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.155.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.155.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-01-16T12:28:22Z", "details": "important" } ], "title": "CVE-2023-6931" }, { "cve": "CVE-2023-6932", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2023-6932" } ], "notes": [ { "category": "general", "text": "A use-after-free vulnerability in the Linux kernel\u0027s ipv4: igmp component can be exploited to achieve local privilege escalation.\n\nA race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread.\n\nWe recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1.", "title": "CVE description" } ], 
"product_status": { "recommended": [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.155.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.155.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2023-6932", "url": "https://www.suse.com/security/cve/CVE-2023-6932" }, { "category": "external", "summary": "SUSE Bug 1218253 for CVE-2023-6932", "url": "https://bugzilla.suse.com/1218253" }, { "category": "external", "summary": "SUSE Bug 1218255 for CVE-2023-6932", "url": "https://bugzilla.suse.com/1218255" }, { "category": "external", "summary": "SUSE Bug 1220015 for CVE-2023-6932", "url": "https://bugzilla.suse.com/1220015" }, { "category": "external", "summary": "SUSE Bug 1220191 for CVE-2023-6932", "url": "https://bugzilla.suse.com/1220191" }, { "category": "external", "summary": "SUSE Bug 1221578 for CVE-2023-6932", "url": "https://bugzilla.suse.com/1221578" }, { "category": "external", "summary": "SUSE Bug 1221598 for CVE-2023-6932", "url": "https://bugzilla.suse.com/1221598" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.155.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.155.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.155.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.155.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-01-16T12:28:22Z", "details": "important" } ], "title": "CVE-2023-6932" } ] }