Vulnerability from csaf_suse
Published
2023-10-20 09:35
Modified
2023-10-20 09:35
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security fixes and bugfixes.
The following security bugs were fixed:
- CVE-2023-4389: Fixed a reference counting issue in the Btrfs filesystem that could be exploited in order to leak internal kernel information or crash the system (bsc#1214351).
- CVE-2023-42753: Fixed an array indexing vulnerability in the netfilter subsystem. This issue may have allowed a local user to crash the system or potentially escalate their privileges (bsc#1215150).
- CVE-2023-1206: Fixed a hash collision flaw in the IPv6 connection lookup table. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPv6 connections up to 95% (bsc#1212703).
- CVE-2023-4921: Fixed a use-after-free vulnerability in the QFQ network scheduler which could be exploited to achieve local privilege escalation (bsc#1215275).
- CVE-2023-4004: Fixed improper element removal in netfilter nft_set_pipapo (bsc#1213812).
- CVE-2023-4622: Fixed a use-after-free vulnerability in the Unix domain sockets component which could be exploited to achieve local privilege escalation (bsc#1215117).
- CVE-2023-4623: Fixed a use-after-free issue in the HFSC network scheduler which could be exploited to achieve local privilege escalation (bsc#1215115).
- CVE-2020-36766: Fixed a potential information leak in the CEC driver (bsc#1215299).
- CVE-2023-1859: Fixed a use-after-free flaw in Xen transport for 9pfs which could be exploited to crash the system (bsc#1210169).
- CVE-2023-2177: Fixed a null pointer dereference issue in the SCTP network protocol which could allow a user to crash the system (bsc#1210643).
- CVE-2023-4881: Fixed an out-of-bounds write flaw in the netfilter subsystem that could lead to potential information disclosure or a denial of service (bsc#1215221).
- CVE-2023-40283: Fixed use-after-free in l2cap_sock_ready_cb (bsc#1214233).
- CVE-2023-1192: Fixed use-after-free in cifs_demultiplex_thread() (bsc#1208995).
The following non-security bugs were fixed:
- bnx2x: new flag for track HW resource allocation (bsc#1202845 bsc#1215322).
- check-for-config-changes: ignore BUILTIN_RETURN_ADDRESS_STRIPS_PAC (bsc#1214380). gcc7 on SLE 15 does not support this while later gcc does.
- locking/rwsem: Disable reader optimistic spinning (bnc#1176588).
- mkspec: Allow unsupported KMPs (bsc#1214386)
- scsi: qedf: Add synchronization between I/O completions and abort (bsc#1210658).
- x86/pkeys: Revert a5eff7259790 ('x86/pkeys: Add PKRU value to init_fpstate') (bsc#1215356).
- x86/srso: Do not probe microcode in a guest (git-fixes).
- x86/srso: Fix SBPB enablement for spec_rstack_overflow=off (git-fixes).
- x86/srso: Fix srso_show_state() side effect (git-fixes).
- x86/srso: Set CPUID feature bits independently of bug or mitigation status (git-fixes).
Patchnames
SUSE-2023-4142,SUSE-SUSE-MicroOS-5.1-2023-4142,SUSE-SUSE-MicroOS-5.2-2023-4142
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\nThe SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2023-4389: Fixed a reference counting issue in the Btrfs filesystem that could be exploited in order to leak internal kernel information or crash the system (bsc#1214351).\n- CVE-2023-42753: Fixed an array indexing vulnerability in the netfilter subsystem. This issue may have allowed a local user to crash the system or potentially escalate their privileges (bsc#1215150).\n- CVE-2023-1206: Fixed a hash collision flaw in the IPv6 connection lookup table. 
A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95% (bsc#1212703).\n- CVE-2023-4921: Fixed a use-after-free vulnerability in the QFQ network scheduler which could be exploited to achieve local privilege escalatio (bsc#1215275).\n- CVE-2023-4004: Fixed improper element removal netfilter nft_set_pipapo (bsc#1213812).\n- CVE-2023-4622: Fixed a use-after-free vulnerability in the Unix domain sockets component which could be exploited to achieve local privilege escalation (bsc#1215117).\n- CVE-2023-4623: Fixed a use-after-free issue in the HFSC network scheduler which could be exploited to achieve local privilege escalation (bsc#1215115).\n- CVE-2020-36766: Fixed a potential information leak in in the CEC driver (bsc#1215299).\n- CVE-2023-1859: Fixed a use-after-free flaw in Xen transport for 9pfs which could be exploited to crash the system (bsc#1210169).\n- CVE-2023-2177: Fixed a null pointer dereference issue in the sctp network protocol which could allow a user to crash the system (bsc#1210643).\n- CVE-2023-4881: Fixed a out-of-bounds write flaw in the netfilter subsystem that could lead to potential information disclosure or a denial of service (bsc#1215221).\n- CVE-2023-40283: Fixed use-after-free in l2cap_sock_ready_cb (bsc#1214233).\n- CVE-2023-1192: Fixed use-after-free in cifs_demultiplex_thread() (bsc#1208995).\n\nThe following non-security bugs were fixed:\n\n- bnx2x: new flag for track HW resource allocation (bsc#1202845 bsc#1215322).\n- check-for-config-changes: ignore BUILTIN_RETURN_ADDRESS_STRIPS_PAC (bsc#1214380). 
gcc7 on SLE 15 does not support this while later gcc does.\n- locking/rwsem: Disable reader optimistic spinning (bnc#1176588).\n- mkspec: Allow unsupported KMPs (bsc#1214386)\n- scsi: qedf: Add synchronization between I/O completions and abort (bsc#1210658).\n- x86/pkeys: Revert a5eff7259790 ('x86/pkeys: Add PKRU value to init_fpstate') (bsc#1215356).\n- x86/srso: Do not probe microcode in a guest (git-fixes).\n- x86/srso: Fix SBPB enablement for spec_rstack_overflow=off (git-fixes).\n- x86/srso: Fix srso_show_state() side effect (git-fixes).\n- x86/srso: Set CPUID feature bits independently of bug or mitigation status (git-fixes).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2023-4142,SUSE-SUSE-MicroOS-5.1-2023-4142,SUSE-SUSE-MicroOS-5.2-2023-4142", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_4142-1.json", }, { category: "self", summary: "URL for SUSE-SU-2023:4142-1", url: "https://www.suse.com/support/update/announcement/2023/suse-su-20234142-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2023:4142-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-October/016764.html", }, { category: "self", summary: "SUSE Bug 1176588", url: "https://bugzilla.suse.com/1176588", }, { category: "self", summary: "SUSE Bug 1202845", url: "https://bugzilla.suse.com/1202845", }, { category: "self", summary: "SUSE Bug 1207270", url: 
"https://bugzilla.suse.com/1207270", }, { category: "self", summary: "SUSE Bug 1208995", url: "https://bugzilla.suse.com/1208995", }, { category: "self", summary: "SUSE Bug 1210169", url: "https://bugzilla.suse.com/1210169", }, { category: "self", summary: "SUSE Bug 1210643", url: "https://bugzilla.suse.com/1210643", }, { category: "self", summary: "SUSE Bug 1210658", url: "https://bugzilla.suse.com/1210658", }, { category: "self", summary: "SUSE Bug 1212703", url: "https://bugzilla.suse.com/1212703", }, { category: "self", summary: "SUSE Bug 1213812", url: "https://bugzilla.suse.com/1213812", }, { category: "self", summary: "SUSE Bug 1214233", url: "https://bugzilla.suse.com/1214233", }, { category: "self", summary: "SUSE Bug 1214351", url: "https://bugzilla.suse.com/1214351", }, { category: "self", summary: "SUSE Bug 1214380", url: "https://bugzilla.suse.com/1214380", }, { category: "self", summary: "SUSE Bug 1214386", url: "https://bugzilla.suse.com/1214386", }, { category: "self", summary: "SUSE Bug 1215115", url: "https://bugzilla.suse.com/1215115", }, { category: "self", summary: "SUSE Bug 1215117", url: "https://bugzilla.suse.com/1215117", }, { category: "self", summary: "SUSE Bug 1215150", url: "https://bugzilla.suse.com/1215150", }, { category: "self", summary: "SUSE Bug 1215221", url: "https://bugzilla.suse.com/1215221", }, { category: "self", summary: "SUSE Bug 1215275", url: "https://bugzilla.suse.com/1215275", }, { category: "self", summary: "SUSE Bug 1215299", url: "https://bugzilla.suse.com/1215299", }, { category: "self", summary: "SUSE Bug 1215322", url: "https://bugzilla.suse.com/1215322", }, { category: "self", summary: "SUSE Bug 1215356", url: "https://bugzilla.suse.com/1215356", }, { category: "self", summary: "SUSE CVE CVE-2020-36766 page", url: "https://www.suse.com/security/cve/CVE-2020-36766/", }, { category: "self", summary: "SUSE CVE CVE-2023-1192 page", url: "https://www.suse.com/security/cve/CVE-2023-1192/", }, { category: "self", 
summary: "SUSE CVE CVE-2023-1206 page", url: "https://www.suse.com/security/cve/CVE-2023-1206/", }, { category: "self", summary: "SUSE CVE CVE-2023-1859 page", url: "https://www.suse.com/security/cve/CVE-2023-1859/", }, { category: "self", summary: "SUSE CVE CVE-2023-2177 page", url: "https://www.suse.com/security/cve/CVE-2023-2177/", }, { category: "self", summary: "SUSE CVE CVE-2023-4004 page", url: "https://www.suse.com/security/cve/CVE-2023-4004/", }, { category: "self", summary: "SUSE CVE CVE-2023-40283 page", url: "https://www.suse.com/security/cve/CVE-2023-40283/", }, { category: "self", summary: "SUSE CVE CVE-2023-42753 page", url: "https://www.suse.com/security/cve/CVE-2023-42753/", }, { category: "self", summary: "SUSE CVE CVE-2023-4389 page", url: "https://www.suse.com/security/cve/CVE-2023-4389/", }, { category: "self", summary: "SUSE CVE CVE-2023-4622 page", url: "https://www.suse.com/security/cve/CVE-2023-4622/", }, { category: "self", summary: "SUSE CVE CVE-2023-4623 page", url: "https://www.suse.com/security/cve/CVE-2023-4623/", }, { category: "self", summary: "SUSE CVE CVE-2023-4881 page", url: "https://www.suse.com/security/cve/CVE-2023-4881/", }, { category: "self", summary: "SUSE CVE CVE-2023-4921 page", url: "https://www.suse.com/security/cve/CVE-2023-4921/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2023-10-20T09:35:16Z", generator: { date: "2023-10-20T09:35:16Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2023:4142-1", initial_release_date: "2023-10-20T09:35:16Z", revision_history: [ { date: "2023-10-20T09:35:16Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-devel-rt-5.3.18-150300.144.1.noarch", product: { name: "kernel-devel-rt-5.3.18-150300.144.1.noarch", product_id: 
"kernel-devel-rt-5.3.18-150300.144.1.noarch", }, }, { category: "product_version", name: "kernel-source-rt-5.3.18-150300.144.1.noarch", product: { name: "kernel-source-rt-5.3.18-150300.144.1.noarch", product_id: "kernel-source-rt-5.3.18-150300.144.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-rt-5.3.18-150300.144.1.x86_64", product: { name: "cluster-md-kmp-rt-5.3.18-150300.144.1.x86_64", product_id: "cluster-md-kmp-rt-5.3.18-150300.144.1.x86_64", }, }, { category: "product_version", name: "cluster-md-kmp-rt_debug-5.3.18-150300.144.1.x86_64", product: { name: "cluster-md-kmp-rt_debug-5.3.18-150300.144.1.x86_64", product_id: "cluster-md-kmp-rt_debug-5.3.18-150300.144.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-rt-5.3.18-150300.144.1.x86_64", product: { name: "dlm-kmp-rt-5.3.18-150300.144.1.x86_64", product_id: "dlm-kmp-rt-5.3.18-150300.144.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-rt_debug-5.3.18-150300.144.1.x86_64", product: { name: "dlm-kmp-rt_debug-5.3.18-150300.144.1.x86_64", product_id: "dlm-kmp-rt_debug-5.3.18-150300.144.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-rt-5.3.18-150300.144.1.x86_64", product: { name: "gfs2-kmp-rt-5.3.18-150300.144.1.x86_64", product_id: "gfs2-kmp-rt-5.3.18-150300.144.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-rt_debug-5.3.18-150300.144.1.x86_64", product: { name: "gfs2-kmp-rt_debug-5.3.18-150300.144.1.x86_64", product_id: "gfs2-kmp-rt_debug-5.3.18-150300.144.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-5.3.18-150300.144.1.x86_64", product: { name: "kernel-rt-5.3.18-150300.144.1.x86_64", product_id: "kernel-rt-5.3.18-150300.144.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-devel-5.3.18-150300.144.1.x86_64", product: { name: "kernel-rt-devel-5.3.18-150300.144.1.x86_64", product_id: "kernel-rt-devel-5.3.18-150300.144.1.x86_64", }, 
}, { category: "product_version", name: "kernel-rt-extra-5.3.18-150300.144.1.x86_64", product: { name: "kernel-rt-extra-5.3.18-150300.144.1.x86_64", product_id: "kernel-rt-extra-5.3.18-150300.144.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-livepatch-devel-5.3.18-150300.144.1.x86_64", product: { name: "kernel-rt-livepatch-devel-5.3.18-150300.144.1.x86_64", product_id: "kernel-rt-livepatch-devel-5.3.18-150300.144.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-optional-5.3.18-150300.144.1.x86_64", product: { name: "kernel-rt-optional-5.3.18-150300.144.1.x86_64", product_id: "kernel-rt-optional-5.3.18-150300.144.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-5.3.18-150300.144.1.x86_64", product: { name: "kernel-rt_debug-5.3.18-150300.144.1.x86_64", product_id: "kernel-rt_debug-5.3.18-150300.144.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-devel-5.3.18-150300.144.1.x86_64", product: { name: "kernel-rt_debug-devel-5.3.18-150300.144.1.x86_64", product_id: "kernel-rt_debug-devel-5.3.18-150300.144.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-extra-5.3.18-150300.144.1.x86_64", product: { name: "kernel-rt_debug-extra-5.3.18-150300.144.1.x86_64", product_id: "kernel-rt_debug-extra-5.3.18-150300.144.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-livepatch-devel-5.3.18-150300.144.1.x86_64", product: { name: "kernel-rt_debug-livepatch-devel-5.3.18-150300.144.1.x86_64", product_id: "kernel-rt_debug-livepatch-devel-5.3.18-150300.144.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-optional-5.3.18-150300.144.1.x86_64", product: { name: "kernel-rt_debug-optional-5.3.18-150300.144.1.x86_64", product_id: "kernel-rt_debug-optional-5.3.18-150300.144.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-rt-5.3.18-150300.144.1.x86_64", product: { name: "kernel-syms-rt-5.3.18-150300.144.1.x86_64", product_id: 
"kernel-syms-rt-5.3.18-150300.144.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-rt-5.3.18-150300.144.1.x86_64", product: { name: "kselftests-kmp-rt-5.3.18-150300.144.1.x86_64", product_id: "kselftests-kmp-rt-5.3.18-150300.144.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-rt_debug-5.3.18-150300.144.1.x86_64", product: { name: "kselftests-kmp-rt_debug-5.3.18-150300.144.1.x86_64", product_id: "kselftests-kmp-rt_debug-5.3.18-150300.144.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-rt-5.3.18-150300.144.1.x86_64", product: { name: "ocfs2-kmp-rt-5.3.18-150300.144.1.x86_64", product_id: "ocfs2-kmp-rt-5.3.18-150300.144.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-rt_debug-5.3.18-150300.144.1.x86_64", product: { name: "ocfs2-kmp-rt_debug-5.3.18-150300.144.1.x86_64", product_id: "ocfs2-kmp-rt_debug-5.3.18-150300.144.1.x86_64", }, }, { category: "product_version", name: "reiserfs-kmp-rt-5.3.18-150300.144.1.x86_64", product: { name: "reiserfs-kmp-rt-5.3.18-150300.144.1.x86_64", product_id: "reiserfs-kmp-rt-5.3.18-150300.144.1.x86_64", }, }, { category: "product_version", name: "reiserfs-kmp-rt_debug-5.3.18-150300.144.1.x86_64", product: { name: "reiserfs-kmp-rt_debug-5.3.18-150300.144.1.x86_64", product_id: "reiserfs-kmp-rt_debug-5.3.18-150300.144.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Micro 5.1", product: { name: "SUSE Linux Enterprise Micro 5.1", product_id: "SUSE Linux Enterprise Micro 5.1", product_identification_helper: { cpe: "cpe:/o:suse:suse-microos:5.1", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Micro 5.2", product: { name: "SUSE Linux Enterprise Micro 5.2", product_id: "SUSE Linux Enterprise Micro 5.2", product_identification_helper: { cpe: "cpe:/o:suse:suse-microos:5.2", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: 
"vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-rt-5.3.18-150300.144.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1", product_id: "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", }, product_reference: "kernel-rt-5.3.18-150300.144.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.1", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-5.3.18-150300.144.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2", product_id: "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", }, product_reference: "kernel-rt-5.3.18-150300.144.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.2", }, ], }, vulnerabilities: [ { cve: "CVE-2020-36766", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-36766", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 5.8.6. 
drivers/media/cec/core/cec-api.c leaks one byte of kernel memory on specific hardware to unprivileged users, because of directly assigning log_addrs with a hole in the struct.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-36766", url: "https://www.suse.com/security/cve/CVE-2020-36766", }, { category: "external", summary: "SUSE Bug 1215299 for CVE-2020-36766", url: "https://bugzilla.suse.com/1215299", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.5, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-10-20T09:35:16Z", details: "low", }, ], title: "CVE-2020-36766", }, { cve: "CVE-2023-1192", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1192", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. 
After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access a free memory region, leading to a denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1192", url: "https://www.suse.com/security/cve/CVE-2023-1192", }, { category: "external", summary: "SUSE Bug 1208995 for CVE-2023-1192", url: "https://bugzilla.suse.com/1208995", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-10-20T09:35:16Z", details: "moderate", }, ], title: "CVE-2023-1192", }, { cve: "CVE-2023-1206", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1206", }, ], notes: [ { category: "general", text: "A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel's IPv6 functionality when a user makes a new kind of SYN flood attack. 
A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1206", url: "https://www.suse.com/security/cve/CVE-2023-1206", }, { category: "external", summary: "SUSE Bug 1212703 for CVE-2023-1206", url: "https://bugzilla.suse.com/1212703", }, { category: "external", summary: "SUSE Bug 1220015 for CVE-2023-1206", url: "https://bugzilla.suse.com/1220015", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-10-20T09:35:16Z", details: "moderate", }, ], title: "CVE-2023-1206", }, { cve: "CVE-2023-1859", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1859", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in xen_9pfs_front_removet in net/9p/trans_xen.c in Xen transport for 9pfs in the Linux Kernel. 
This flaw could allow a local attacker to crash the system due to a race problem, possibly leading to a kernel information leak.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1859", url: "https://www.suse.com/security/cve/CVE-2023-1859", }, { category: "external", summary: "SUSE Bug 1210169 for CVE-2023-1859", url: "https://bugzilla.suse.com/1210169", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 1.9, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-10-20T09:35:16Z", details: "low", }, ], title: "CVE-2023-1859", }, { cve: "CVE-2023-2177", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2177", }, ], notes: [ { category: "general", text: "A null pointer dereference issue was found in the sctp network protocol in net/sctp/stream_sched.c in Linux Kernel. If stream_in allocation is failed, stream_out is freed which would further be accessed. 
A local user could use this flaw to crash the system or potentially cause a denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2177", url: "https://www.suse.com/security/cve/CVE-2023-2177", }, { category: "external", summary: "SUSE Bug 1210643 for CVE-2023-2177", url: "https://bugzilla.suse.com/1210643", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-10-20T09:35:16Z", details: "moderate", }, ], title: "CVE-2023-2177", }, { cve: "CVE-2023-4004", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-4004", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. 
This issue could allow a local user to crash the system or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-4004", url: "https://www.suse.com/security/cve/CVE-2023-4004", }, { category: "external", summary: "SUSE Bug 1213812 for CVE-2023-4004", url: "https://bugzilla.suse.com/1213812", }, { category: "external", summary: "SUSE Bug 1214812 for CVE-2023-4004", url: "https://bugzilla.suse.com/1214812", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-10-20T09:35:16Z", details: "important", }, ], title: "CVE-2023-4004", }, { cve: "CVE-2023-40283", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-40283", }, ], notes: [ { category: "general", text: "An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. 
There is a use-after-free because the children of an sk are mishandled.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-40283", url: "https://www.suse.com/security/cve/CVE-2023-40283", }, { category: "external", summary: "SUSE Bug 1214233 for CVE-2023-40283", url: "https://bugzilla.suse.com/1214233", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-10-20T09:35:16Z", details: "moderate", }, ], title: "CVE-2023-40283", }, { cve: "CVE-2023-42753", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-42753", }, ], notes: [ { category: "general", text: "An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. 
This issue may allow a local user to crash the system or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-42753", url: "https://www.suse.com/security/cve/CVE-2023-42753", }, { category: "external", summary: "SUSE Bug 1215150 for CVE-2023-42753", url: "https://bugzilla.suse.com/1215150", }, { category: "external", summary: "SUSE Bug 1218613 for CVE-2023-42753", url: "https://bugzilla.suse.com/1218613", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-10-20T09:35:16Z", details: "moderate", }, ], title: "CVE-2023-42753", }, { cve: "CVE-2023-4389", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-4389", }, ], notes: [ { category: "general", text: "A flaw was found in btrfs_get_root_ref in fs/btrfs/disk-io.c in the btrfs filesystem in the Linux Kernel due to a double decrement of the reference count. 
This issue may allow a local attacker with user privilege to crash the system or may lead to leaked internal kernel information.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-4389", url: "https://www.suse.com/security/cve/CVE-2023-4389", }, { category: "external", summary: "SUSE Bug 1214351 for CVE-2023-4389", url: "https://bugzilla.suse.com/1214351", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-10-20T09:35:16Z", details: "moderate", }, ], title: "CVE-2023-4389", }, { cve: "CVE-2023-4622", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-4622", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation.\n\nThe unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. 
Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free.\n\nWe recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c.\n\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-4622", url: "https://www.suse.com/security/cve/CVE-2023-4622", }, { category: "external", summary: "SUSE Bug 1215117 for CVE-2023-4622", url: "https://bugzilla.suse.com/1215117", }, { category: "external", summary: "SUSE Bug 1215442 for CVE-2023-4622", url: "https://bugzilla.suse.com/1215442", }, { category: "external", summary: "SUSE Bug 1217531 for CVE-2023-4622", url: "https://bugzilla.suse.com/1217531", }, { category: "external", summary: "SUSE Bug 1219699 for CVE-2023-4622", url: "https://bugzilla.suse.com/1219699", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-10-20T09:35:16Z", details: "important", }, ], title: "CVE-2023-4622", }, { cve: "CVE-2023-4623", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-4623", }, ], notes: [ { category: "general", text: "A 
use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation.\n\nIf a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free.\n\nWe recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f.\n\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-4623", url: "https://www.suse.com/security/cve/CVE-2023-4623", }, { category: "external", summary: "SUSE Bug 1215115 for CVE-2023-4623", url: "https://bugzilla.suse.com/1215115", }, { category: "external", summary: "SUSE Bug 1215440 for CVE-2023-4623", url: "https://bugzilla.suse.com/1215440", }, { category: "external", summary: "SUSE Bug 1217444 for CVE-2023-4623", url: "https://bugzilla.suse.com/1217444", }, { category: "external", summary: "SUSE Bug 1217531 for CVE-2023-4623", url: "https://bugzilla.suse.com/1217531", }, { category: "external", summary: "SUSE Bug 1219698 for CVE-2023-4623", url: "https://bugzilla.suse.com/1219698", }, { category: "external", summary: "SUSE Bug 1221578 for CVE-2023-4623", url: "https://bugzilla.suse.com/1221578", }, { category: "external", summary: "SUSE Bug 1221598 for CVE-2023-4623", url: "https://bugzilla.suse.com/1221598", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 
5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-10-20T09:35:16Z", details: "important", }, ], title: "CVE-2023-4623", }, { cve: "CVE-2023-4881", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-4881", }, ], notes: [ { category: "general", text: "** REJECT ** CVE-2023-4881 was wrongly assigned to a bug that was deemed to be a non-security issue by the Linux kernel security team.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-4881", url: "https://www.suse.com/security/cve/CVE-2023-4881", }, { category: "external", summary: "SUSE Bug 1215221 for CVE-2023-4881", url: "https://bugzilla.suse.com/1215221", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-10-20T09:35:16Z", details: "moderate", }, ], title: 
"CVE-2023-4881", }, { cve: "CVE-2023-4921", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-4921", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\n\nWhen the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrect .peek handler of sch_plug and lack of error checking in agg_dequeue().\n\nWe recommend upgrading past commit 8fc134fee27f2263988ae38920bc03da416b03d8.\n\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-4921", url: "https://www.suse.com/security/cve/CVE-2023-4921", }, { category: "external", summary: "SUSE Bug 1215275 for CVE-2023-4921", url: "https://bugzilla.suse.com/1215275", }, { category: "external", summary: "SUSE Bug 1215300 for CVE-2023-4921", url: "https://bugzilla.suse.com/1215300", }, { category: "external", summary: "SUSE Bug 1217444 for CVE-2023-4921", url: "https://bugzilla.suse.com/1217444", }, { category: "external", summary: "SUSE Bug 1217531 for CVE-2023-4921", url: "https://bugzilla.suse.com/1217531", }, { category: "external", summary: "SUSE Bug 1220906 for CVE-2023-4921", url: "https://bugzilla.suse.com/1220906", }, { category: "external", summary: "SUSE Bug 1223091 for CVE-2023-4921", url: "https://bugzilla.suse.com/1223091", }, { category: "external", summary: "SUSE Bug 1224418 for CVE-2023-4921", url: "https://bugzilla.suse.com/1224418", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux 
Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.144.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.144.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-10-20T09:35:16Z", details: "important", }, ], title: "CVE-2023-4921", }, ], }
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.