Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-5345 (GCVE-0-2023-5345)
Vulnerability from cvelistv5 – Published: 2023-10-03 02:33 – Updated: 2025-02-27 20:48
VLAI
EPSS
Title
Use-after-free in Linux kernel's fs/smb/client component
Summary
A use-after-free vulnerability in the Linux kernel's fs/smb/client component can be exploited to achieve local privilege escalation.
In case of an error in smb3_fs_context_parse_param, ctx->password was freed but the field was not set to NULL which could lead to double free.
We recommend upgrading past commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705.
Severity
7.8 (High)
CWE
- CWE-416 - Use After Free
Assigner
References
6 references
Date Public
2023-09-28 19:49
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:52:08.630Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e6e43b8aa7cd3c3af686caf0c2e11819a886d705"
},
{
"tags": [
"x_transferred"
],
"url": "https://kernel.dance/e6e43b8aa7cd3c3af686caf0c2e11819a886d705"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5PDNWPKAP3WL5RQZ4RIDS6MG32OHH5R/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GISYSL3F6WIEVGHJGLC2MFNTUXHPTKQH/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPMICQ2HVZO5UAM5KPXHAZKA2U3ZDOO6/"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/177029/Kernel-Live-Patch-Security-Notice-LSN-0100-1.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5345",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T21:50:50.456267Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-27T20:48:41.186Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "kernel",
"product": "Kernel",
"repo": "https://git.kernel.org",
"vendor": "Linux",
"versions": [
{
"lessThan": "6.6",
"status": "affected",
"version": "0.0",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-09-28T19:49:51.000Z",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free vulnerability in the Linux kernel\u0027s fs/smb/client component can be exploited to achieve local privilege escalation.\n\nIn case of an error in smb3_fs_context_parse_param, ctx-\u003epassword was freed but the field was not set to NULL which could lead to double free.\n\nWe recommend upgrading past commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-08T16:05:55.202Z",
"orgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"shortName": "Google"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e6e43b8aa7cd3c3af686caf0c2e11819a886d705"
},
{
"url": "https://kernel.dance/e6e43b8aa7cd3c3af686caf0c2e11819a886d705"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5PDNWPKAP3WL5RQZ4RIDS6MG32OHH5R/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GISYSL3F6WIEVGHJGLC2MFNTUXHPTKQH/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPMICQ2HVZO5UAM5KPXHAZKA2U3ZDOO6/"
},
{
"url": "http://packetstormsecurity.com/files/177029/Kernel-Live-Patch-Security-Notice-LSN-0100-1.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Use-after-free in Linux kernel\u0027s fs/smb/client component",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"assignerShortName": "Google",
"cveId": "CVE-2023-5345",
"datePublished": "2023-10-03T02:33:06.684Z",
"dateReserved": "2023-10-02T23:43:23.770Z",
"dateUpdated": "2025-02-27T20:48:41.186Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2023-5345",
"date": "2026-05-30",
"epss": "0.00025",
"percentile": "0.07644"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-5345\",\"sourceIdentifier\":\"cve-coordination@google.com\",\"published\":\"2023-10-03T03:15:09.750\",\"lastModified\":\"2025-03-20T16:59:45.643\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A use-after-free vulnerability in the Linux kernel\u0027s fs/smb/client component can be exploited to achieve local privilege escalation.\\n\\nIn case of an error in smb3_fs_context_parse_param, ctx-\u003epassword was freed but the field was not set to NULL which could lead to double free.\\n\\nWe recommend upgrading past commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705.\"},{\"lang\":\"es\",\"value\":\"Se puede explotar una vulnerabilidad de use-after-free en el componente fs/smb/client del kernel de Linux para lograr una escalada de privilegios local. En caso de un error en smb3_fs_context_parse_param, se liber\u00f3 ctx-\u0026gt;password pero el campo no se configur\u00f3 en NULL, lo que podr\u00eda provocar una doble liberaci\u00f3n. Recomendamos actualizar al commit anterior e6e43b8aa7cd3c3af686caf0c2e11819a886d705.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"cve-coordination@google.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"cve-coordination@google.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0.16\",\"versionEndExcluding\":\"6.1.56\",\"matchCriteriaId\":\"1D9FAA11-D32A-471A-A6A4-218A6F40B983\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.5.6\",\"matchCriteriaId\":\"870FC772-173A-4A0F-B1AF-7976AD6057D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.6:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"84267A4F-DBC2-444F-B41D-69E15E1BEC97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.6:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB440208-241C-4246-9A83-C1715C0DAA6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.6:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DC421F1-3D5A-4BEF-BF76-4E468985D20B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E30D0E6F-4AE8-4284-8716-991DFA48CC5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC559B26-5DFC-4B7A-A27C-B77DE755DFF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/177029/Kernel-Live-Patch-Security-Notice-LSN-0100-1.html\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e6e43b8aa7cd3c3af686caf0c2e11819a886d705\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://kernel.dance/e6e43b8aa7cd3c3af686caf0c2e11819a886d705\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GISYSL3F6WIEVGHJGLC2MFNTUXHPTKQH/\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPMICQ2HVZO5UAM5KPXHAZKA2U3ZDOO6/\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5PDNWPKAP3WL5RQZ4RIDS6MG32OHH5R/\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://packetstormsecurity.com/files/177029/Kernel-Live-Patch-Security-Notice-LSN-0100-1.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e6e43b8aa7cd3c3af686caf0c2e11819a886d705\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://kernel.dance/e6e43b8aa7cd3c3af686caf0c2e11819a886d705\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GISYSL3F6WIEVGHJGLC2MFNTUXHPTKQH/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPMICQ2HVZO5UAM5KPXHAZKA2U3ZDOO6/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5PDNWPKAP3WL5RQZ4RIDS6MG32OHH5R/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]}]}}",
"vulnrichment": {
"containers": "{\"cna\": {\"providerMetadata\": {\"orgId\": \"14ed7db2-1595-443d-9d34-6215bf890778\", \"shortName\": \"Google\", \"dateUpdated\": \"2024-02-08T16:05:55.202Z\"}, \"title\": \"Use-after-free in Linux kernel\u0027s fs/smb/client component\", \"datePublic\": \"2023-09-28T19:49:51.000Z\", \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"cweId\": \"CWE-416\", \"description\": \"CWE-416 Use After Free\", \"type\": \"CWE\"}]}], \"impacts\": [{\"capecId\": \"CAPEC-233\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-233 Privilege Escalation\"}]}], \"affected\": [{\"vendor\": \"Linux\", \"product\": \"Kernel\", \"packageName\": \"kernel\", \"repo\": \"https://git.kernel.org\", \"versions\": [{\"status\": \"affected\", \"version\": \"0.0\", \"lessThan\": \"6.6\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A use-after-free vulnerability in the Linux kernel\u0027s fs/smb/client component can be exploited to achieve local privilege escalation.\\n\\nIn case of an error in smb3_fs_context_parse_param, ctx-\u003epassword was freed but the field was not set to NULL which could lead to double free.\\n\\nWe recommend upgrading past commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705.\"}], \"references\": [{\"url\": \"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e6e43b8aa7cd3c3af686caf0c2e11819a886d705\", \"tags\": [\"patch\"]}, {\"url\": \"https://kernel.dance/e6e43b8aa7cd3c3af686caf0c2e11819a886d705\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5PDNWPKAP3WL5RQZ4RIDS6MG32OHH5R/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GISYSL3F6WIEVGHJGLC2MFNTUXHPTKQH/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPMICQ2HVZO5UAM5KPXHAZKA2U3ZDOO6/\"}, {\"url\": \"http://packetstormsecurity.com/files/177029/Kernel-Live-Patch-Security-Notice-LSN-0100-1.html\"}], \"metrics\": [{\"format\": \"CVSS\", \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}], \"cvssV3_1\": {\"version\": \"3.1\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"baseSeverity\": \"HIGH\", \"baseScore\": 7.8, \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\"}}], \"source\": {\"discovery\": \"EXTERNAL\"}, \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}}, \"adp\": [{\"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T07:52:08.630Z\"}, \"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e6e43b8aa7cd3c3af686caf0c2e11819a886d705\", \"tags\": [\"patch\", \"x_transferred\"]}, {\"url\": \"https://kernel.dance/e6e43b8aa7cd3c3af686caf0c2e11819a886d705\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5PDNWPKAP3WL5RQZ4RIDS6MG32OHH5R/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GISYSL3F6WIEVGHJGLC2MFNTUXHPTKQH/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPMICQ2HVZO5UAM5KPXHAZKA2U3ZDOO6/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/177029/Kernel-Live-Patch-Security-Notice-LSN-0100-1.html\", \"tags\": [\"x_transferred\"]}]}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-5345\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-26T21:50:50.456267Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-26T20:36:11.512Z\"}}]}",
"cveMetadata": "{\"cveId\": \"CVE-2023-5345\", \"assignerOrgId\": \"14ed7db2-1595-443d-9d34-6215bf890778\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"Google\", \"dateReserved\": \"2023-10-02T23:43:23.770Z\", \"datePublished\": \"2023-10-03T02:33:06.684Z\", \"dateUpdated\": \"2025-02-27T20:48:41.186Z\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
SUSE-SU-2023:4775-1
Vulnerability from csaf_suse - Published: 2023-12-13 12:35 - Updated: 2023-12-13 12:35Summary
Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP5)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP5)
Description of the patch: This update for the Linux Kernel 5.14.21-150500_13_18 fixes several issues.
The following security issues were fixed:
- CVE-2023-3777: Fixed a use-after-free vulnerability in netfilter: nf_tables component can be exploited to achieve local privilege escalation. (bsc#1215097)
- CVE-2023-5345: Fixed an use-after-free vulnerability in the fs/smb/client component which could be exploited to achieve local privilege escalation. (bsc#1215971)
- CVE-2023-4622: Fixed a use-after-free vulnerability in the Unix domain sockets component which could be exploited to achieve local privilege escalation (bsc#1215442).
- CVE-2023-2163: Fixed an incorrect verifier pruning in BPF that could lead to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. (bsc#1215519)
Patchnames: SUSE-2023-4775,SUSE-2023-4779,SUSE-SLE-Module-Live-Patching-15-SP4-2023-4775,SUSE-SLE-Module-Live-Patching-15-SP5-2023-4779
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.1 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_53-rt-3-150400.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_18-rt-3-150500.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_53-rt-3-150400.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_18-rt-3-150500.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_53-rt-3-150400.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_18-rt-3-150500.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_53-rt-3-150400.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_18-rt-3-150500.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
26 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP5)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.14.21-150500_13_18 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2023-3777: Fixed a use-after-free vulnerability in netfilter: nf_tables component can be exploited to achieve local privilege escalation. (bsc#1215097)\n- CVE-2023-5345: Fixed an use-after-free vulnerability in the fs/smb/client component which could be exploited to achieve local privilege escalation. (bsc#1215971)\n- CVE-2023-4622: Fixed a use-after-free vulnerability in the Unix domain sockets component which could be exploited to achieve local privilege escalation (bsc#1215442).\n- CVE-2023-2163: Fixed an incorrect verifier pruning in BPF that could lead to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. (bsc#1215519)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-4775,SUSE-2023-4779,SUSE-SLE-Module-Live-Patching-15-SP4-2023-4775,SUSE-SLE-Module-Live-Patching-15-SP5-2023-4779",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_4775-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:4775-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20234775-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:4775-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017323.html"
},
{
"category": "self",
"summary": "SUSE Bug 1215097",
"url": "https://bugzilla.suse.com/1215097"
},
{
"category": "self",
"summary": "SUSE Bug 1215442",
"url": "https://bugzilla.suse.com/1215442"
},
{
"category": "self",
"summary": "SUSE Bug 1215519",
"url": "https://bugzilla.suse.com/1215519"
},
{
"category": "self",
"summary": "SUSE Bug 1215971",
"url": "https://bugzilla.suse.com/1215971"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2163 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2163/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3777 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3777/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4622 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4622/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5345 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5345/"
}
],
"title": "Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP5)",
"tracking": {
"current_release_date": "2023-12-13T12:35:17Z",
"generator": {
"date": "2023-12-13T12:35:17Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:4775-1",
"initial_release_date": "2023-12-13T12:35:17Z",
"revision_history": [
{
"date": "2023-12-13T12:35:17Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_15_53-rt-3-150400.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150400_15_53-rt-3-150400.2.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150400_15_53-rt-3-150400.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_13_18-rt-3-150500.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150500_13_18-rt-3-150500.2.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150500_13_18-rt-3-150500.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_15_53-rt-3-150400.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_53-rt-3-150400.2.1.x86_64"
},
"product_reference": "kernel-livepatch-5_14_21-150400_15_53-rt-3-150400.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_13_18-rt-3-150500.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_18-rt-3-150500.2.1.x86_64"
},
"product_reference": "kernel-livepatch-5_14_21-150500_13_18-rt-3-150500.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-2163",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2163"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect verifier pruning in BPF in Linux Kernel \u003e=5.4 leads to unsafe\ncode paths being incorrectly marked as safe, resulting in arbitrary read/write in\nkernel memory, lateral privilege escalation, and container escape.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_53-rt-3-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_18-rt-3-150500.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2163",
"url": "https://www.suse.com/security/cve/CVE-2023-2163"
},
{
"category": "external",
"summary": "SUSE Bug 1215518 for CVE-2023-2163",
"url": "https://bugzilla.suse.com/1215518"
},
{
"category": "external",
"summary": "SUSE Bug 1215519 for CVE-2023-2163",
"url": "https://bugzilla.suse.com/1215519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_53-rt-3-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_18-rt-3-150500.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_53-rt-3-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_18-rt-3-150500.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-13T12:35:17Z",
"details": "important"
}
],
"title": "CVE-2023-2163"
},
{
"cve": "CVE-2023-3777",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3777"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nWhen nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain\u0027s owner rule can also release the objects in certain circumstances.\n\nWe recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_53-rt-3-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_18-rt-3-150500.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3777",
"url": "https://www.suse.com/security/cve/CVE-2023-3777"
},
{
"category": "external",
"summary": "SUSE Bug 1215095 for CVE-2023-3777",
"url": "https://bugzilla.suse.com/1215095"
},
{
"category": "external",
"summary": "SUSE Bug 1215097 for CVE-2023-3777",
"url": "https://bugzilla.suse.com/1215097"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_53-rt-3-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_18-rt-3-150500.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_53-rt-3-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_18-rt-3-150500.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-13T12:35:17Z",
"details": "important"
}
],
"title": "CVE-2023-3777"
},
{
"cve": "CVE-2023-4622",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4622"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s af_unix component can be exploited to achieve local privilege escalation.\n\nThe unix_stream_sendpage() function tries to add data to the last skb in the peer\u0027s recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free.\n\nWe recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_53-rt-3-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_18-rt-3-150500.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4622",
"url": "https://www.suse.com/security/cve/CVE-2023-4622"
},
{
"category": "external",
"summary": "SUSE Bug 1215117 for CVE-2023-4622",
"url": "https://bugzilla.suse.com/1215117"
},
{
"category": "external",
"summary": "SUSE Bug 1215442 for CVE-2023-4622",
"url": "https://bugzilla.suse.com/1215442"
},
{
"category": "external",
"summary": "SUSE Bug 1217531 for CVE-2023-4622",
"url": "https://bugzilla.suse.com/1217531"
},
{
"category": "external",
"summary": "SUSE Bug 1219699 for CVE-2023-4622",
"url": "https://bugzilla.suse.com/1219699"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_53-rt-3-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_18-rt-3-150500.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_53-rt-3-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_18-rt-3-150500.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-13T12:35:17Z",
"details": "important"
}
],
"title": "CVE-2023-4622"
},
{
"cve": "CVE-2023-5345",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5345"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s fs/smb/client component can be exploited to achieve local privilege escalation.\n\nIn case of an error in smb3_fs_context_parse_param, ctx-\u003epassword was freed but the field was not set to NULL which could lead to double free.\n\nWe recommend upgrading past commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_53-rt-3-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_18-rt-3-150500.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5345",
"url": "https://www.suse.com/security/cve/CVE-2023-5345"
},
{
"category": "external",
"summary": "SUSE Bug 1215899 for CVE-2023-5345",
"url": "https://bugzilla.suse.com/1215899"
},
{
"category": "external",
"summary": "SUSE Bug 1215971 for CVE-2023-5345",
"url": "https://bugzilla.suse.com/1215971"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_53-rt-3-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_18-rt-3-150500.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_53-rt-3-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_18-rt-3-150500.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-13T12:35:17Z",
"details": "important"
}
],
"title": "CVE-2023-5345"
}
]
}
SUSE-SU-2023:4801-1
Vulnerability from csaf_suse - Published: 2023-12-13 16:33 - Updated: 2023-12-13 16:33Summary
Security update for the Linux Kernel (Live Patch 18 for SLE 15 SP4)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 18 for SLE 15 SP4)
Description of the patch: This update for the Linux Kernel 5.14.21-150400_24_88 fixes several issues.
The following security issues were fixed:
- CVE-2023-3777: Fixed a use-after-free vulnerability in netfilter: nf_tables component can be exploited to achieve local privilege escalation. (bsc#1215097)
- CVE-2023-5345: Fixed an use-after-free vulnerability in the fs/smb/client component which could be exploited to achieve local privilege escalation. (bsc#1215971)
- CVE-2023-4622: Fixed a use-after-free vulnerability in the Unix domain sockets component which could be exploited to achieve local privilege escalation (bsc#1215442).
- CVE-2023-2163: Fixed an incorrect verifier pruning in BPF that could lead to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. (bsc#1215519)
Patchnames: SUSE-2023-4801,SUSE-SLE-Module-Live-Patching-15-SP4-2023-4801
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.1 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
26 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 18 for SLE 15 SP4)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.14.21-150400_24_88 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2023-3777: Fixed a use-after-free vulnerability in netfilter: nf_tables component can be exploited to achieve local privilege escalation. (bsc#1215097)\n- CVE-2023-5345: Fixed an use-after-free vulnerability in the fs/smb/client component which could be exploited to achieve local privilege escalation. (bsc#1215971)\n- CVE-2023-4622: Fixed a use-after-free vulnerability in the Unix domain sockets component which could be exploited to achieve local privilege escalation (bsc#1215442).\n- CVE-2023-2163: Fixed an incorrect verifier pruning in BPF that could lead to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. (bsc#1215519)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-4801,SUSE-SLE-Module-Live-Patching-15-SP4-2023-4801",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_4801-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:4801-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20234801-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:4801-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017337.html"
},
{
"category": "self",
"summary": "SUSE Bug 1215097",
"url": "https://bugzilla.suse.com/1215097"
},
{
"category": "self",
"summary": "SUSE Bug 1215442",
"url": "https://bugzilla.suse.com/1215442"
},
{
"category": "self",
"summary": "SUSE Bug 1215519",
"url": "https://bugzilla.suse.com/1215519"
},
{
"category": "self",
"summary": "SUSE Bug 1215971",
"url": "https://bugzilla.suse.com/1215971"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2163 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2163/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3777 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3777/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4622 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4622/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5345 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5345/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 18 for SLE 15 SP4)",
"tracking": {
"current_release_date": "2023-12-13T16:33:44Z",
"generator": {
"date": "2023-12-13T16:33:44Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:4801-1",
"initial_release_date": "2023-12-13T16:33:44Z",
"revision_history": [
{
"date": "2023-12-13T16:33:44Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.s390x",
"product_id": "kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.s390x"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.x86_64"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-2163",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2163"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect verifier pruning in BPF in Linux Kernel \u003e=5.4 leads to unsafe\ncode paths being incorrectly marked as safe, resulting in arbitrary read/write in\nkernel memory, lateral privilege escalation, and container escape.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2163",
"url": "https://www.suse.com/security/cve/CVE-2023-2163"
},
{
"category": "external",
"summary": "SUSE Bug 1215518 for CVE-2023-2163",
"url": "https://bugzilla.suse.com/1215518"
},
{
"category": "external",
"summary": "SUSE Bug 1215519 for CVE-2023-2163",
"url": "https://bugzilla.suse.com/1215519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-13T16:33:44Z",
"details": "important"
}
],
"title": "CVE-2023-2163"
},
{
"cve": "CVE-2023-3777",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3777"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nWhen nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain\u0027s owner rule can also release the objects in certain circumstances.\n\nWe recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3777",
"url": "https://www.suse.com/security/cve/CVE-2023-3777"
},
{
"category": "external",
"summary": "SUSE Bug 1215095 for CVE-2023-3777",
"url": "https://bugzilla.suse.com/1215095"
},
{
"category": "external",
"summary": "SUSE Bug 1215097 for CVE-2023-3777",
"url": "https://bugzilla.suse.com/1215097"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-13T16:33:44Z",
"details": "important"
}
],
"title": "CVE-2023-3777"
},
{
"cve": "CVE-2023-4622",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4622"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s af_unix component can be exploited to achieve local privilege escalation.\n\nThe unix_stream_sendpage() function tries to add data to the last skb in the peer\u0027s recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free.\n\nWe recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4622",
"url": "https://www.suse.com/security/cve/CVE-2023-4622"
},
{
"category": "external",
"summary": "SUSE Bug 1215117 for CVE-2023-4622",
"url": "https://bugzilla.suse.com/1215117"
},
{
"category": "external",
"summary": "SUSE Bug 1215442 for CVE-2023-4622",
"url": "https://bugzilla.suse.com/1215442"
},
{
"category": "external",
"summary": "SUSE Bug 1217531 for CVE-2023-4622",
"url": "https://bugzilla.suse.com/1217531"
},
{
"category": "external",
"summary": "SUSE Bug 1219699 for CVE-2023-4622",
"url": "https://bugzilla.suse.com/1219699"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-13T16:33:44Z",
"details": "important"
}
],
"title": "CVE-2023-4622"
},
{
"cve": "CVE-2023-5345",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5345"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s fs/smb/client component can be exploited to achieve local privilege escalation.\n\nIn case of an error in smb3_fs_context_parse_param, ctx-\u003epassword was freed but the field was not set to NULL which could lead to double free.\n\nWe recommend upgrading past commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5345",
"url": "https://www.suse.com/security/cve/CVE-2023-5345"
},
{
"category": "external",
"summary": "SUSE Bug 1215899 for CVE-2023-5345",
"url": "https://bugzilla.suse.com/1215899"
},
{
"category": "external",
"summary": "SUSE Bug 1215971 for CVE-2023-5345",
"url": "https://bugzilla.suse.com/1215971"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_88-default-3-150400.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-13T16:33:44Z",
"details": "important"
}
],
"title": "CVE-2023-5345"
}
]
}
SUSE-SU-2023:4805-1
Vulnerability from csaf_suse - Published: 2023-12-13 17:04 - Updated: 2023-12-13 17:04Summary
Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP5)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP5)
Description of the patch: This update for the Linux Kernel 5.14.21-150500_53 fixes several issues.
The following security issues were fixed:
- CVE-2023-3610: Fixed use-after-free vulnerability in nf_tables can be exploited to achieve local privilege escalation (bsc#1213584).
- CVE-2023-3777: Fixed a use-after-free vulnerability in netfilter: nf_tables component can be exploited to achieve local privilege escalation. (bsc#1215097)
- CVE-2023-5345: Fixed an use-after-free vulnerability in the fs/smb/client component which could be exploited to achieve local privilege escalation. (bsc#1215971)
- CVE-2023-4622: Fixed a use-after-free vulnerability in the Unix domain sockets component which could be exploited to achieve local privilege escalation (bsc#1215442).
- CVE-2023-2163: Fixed an incorrect verifier pruning in BPF that could lead to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. (bsc#1215519)
Patchnames: SUSE-2023-4800,SUSE-2023-4805,SUSE-2023-4806,SUSE-2023-4809,SUSE-2023-4819,SUSE-SLE-Module-Live-Patching-15-SP4-2023-4800,SUSE-SLE-Module-Live-Patching-15-SP5-2023-4806
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.1 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
31 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP5)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.14.21-150500_53 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2023-3610: Fixed use-after-free vulnerability in nf_tables can be exploited to achieve local privilege escalation (bsc#1213584).\n- CVE-2023-3777: Fixed a use-after-free vulnerability in netfilter: nf_tables component can be exploited to achieve local privilege escalation. (bsc#1215097)\n- CVE-2023-5345: Fixed an use-after-free vulnerability in the fs/smb/client component which could be exploited to achieve local privilege escalation. (bsc#1215971)\n- CVE-2023-4622: Fixed a use-after-free vulnerability in the Unix domain sockets component which could be exploited to achieve local privilege escalation (bsc#1215442).\n- CVE-2023-2163: Fixed an incorrect verifier pruning in BPF that could lead to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. (bsc#1215519)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-4800,SUSE-2023-4805,SUSE-2023-4806,SUSE-2023-4809,SUSE-2023-4819,SUSE-SLE-Module-Live-Patching-15-SP4-2023-4800,SUSE-SLE-Module-Live-Patching-15-SP5-2023-4806",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_4805-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:4805-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20234805-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:4805-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017338.html"
},
{
"category": "self",
"summary": "SUSE Bug 1213584",
"url": "https://bugzilla.suse.com/1213584"
},
{
"category": "self",
"summary": "SUSE Bug 1215097",
"url": "https://bugzilla.suse.com/1215097"
},
{
"category": "self",
"summary": "SUSE Bug 1215442",
"url": "https://bugzilla.suse.com/1215442"
},
{
"category": "self",
"summary": "SUSE Bug 1215519",
"url": "https://bugzilla.suse.com/1215519"
},
{
"category": "self",
"summary": "SUSE Bug 1215971",
"url": "https://bugzilla.suse.com/1215971"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2163 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2163/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3610 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3610/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3777 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3777/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4622 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4622/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5345 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5345/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP5)",
"tracking": {
"current_release_date": "2023-12-13T17:04:25Z",
"generator": {
"date": "2023-12-13T17:04:25Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:4805-1",
"initial_release_date": "2023-12-13T17:04:25Z",
"revision_history": [
{
"date": "2023-12-13T17:04:25Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_41-default-11-150400.2.2.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_41-default-11-150400.2.2.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150400_24_41-default-11-150400.2.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_63-default-8-150400.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_63-default-8-150400.2.1.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150400_24_63-default-8-150400.2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_7-default-5-150500.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_7-default-5-150500.2.1.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150500_55_7-default-5-150500.2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.s390x",
"product_id": "kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_41-default-11-150400.2.2.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_41-default-11-150400.2.2.s390x",
"product_id": "kernel-livepatch-5_14_21-150400_24_41-default-11-150400.2.2.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.s390x",
"product_id": "kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_63-default-8-150400.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_63-default-8-150400.2.1.s390x",
"product_id": "kernel-livepatch-5_14_21-150400_24_63-default-8-150400.2.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_7-default-5-150500.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_7-default-5-150500.2.1.s390x",
"product_id": "kernel-livepatch-5_14_21-150500_55_7-default-5-150500.2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_41-default-11-150400.2.2.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_41-default-11-150400.2.2.x86_64",
"product_id": "kernel-livepatch-5_14_21-150400_24_41-default-11-150400.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_63-default-8-150400.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_63-default-8-150400.2.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150400_24_63-default-8-150400.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_7-default-5-150500.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_7-default-5-150500.2.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150500_55_7-default-5-150500.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.s390x"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.x86_64"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.s390x"
},
"product_reference": "kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.x86_64"
},
"product_reference": "kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-2163",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2163"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect verifier pruning in BPF in Linux Kernel \u003e=5.4 leads to unsafe\ncode paths being incorrectly marked as safe, resulting in arbitrary read/write in\nkernel memory, lateral privilege escalation, and container escape.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2163",
"url": "https://www.suse.com/security/cve/CVE-2023-2163"
},
{
"category": "external",
"summary": "SUSE Bug 1215518 for CVE-2023-2163",
"url": "https://bugzilla.suse.com/1215518"
},
{
"category": "external",
"summary": "SUSE Bug 1215519 for CVE-2023-2163",
"url": "https://bugzilla.suse.com/1215519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-13T17:04:25Z",
"details": "important"
}
],
"title": "CVE-2023-2163"
},
{
"cve": "CVE-2023-3610",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3610"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nFlaw in the error handling of bound chains causes a use-after-free in the abort path of NFT_MSG_NEWRULE. The vulnerability requires CAP_NET_ADMIN to be triggered.\n\nWe recommend upgrading past commit 4bedf9eee016286c835e3d8fa981ddece5338795.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3610",
"url": "https://www.suse.com/security/cve/CVE-2023-3610"
},
{
"category": "external",
"summary": "SUSE Bug 1213580 for CVE-2023-3610",
"url": "https://bugzilla.suse.com/1213580"
},
{
"category": "external",
"summary": "SUSE Bug 1213584 for CVE-2023-3610",
"url": "https://bugzilla.suse.com/1213584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-13T17:04:25Z",
"details": "important"
}
],
"title": "CVE-2023-3610"
},
{
"cve": "CVE-2023-3777",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3777"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nWhen nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain\u0027s owner rule can also release the objects in certain circumstances.\n\nWe recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3777",
"url": "https://www.suse.com/security/cve/CVE-2023-3777"
},
{
"category": "external",
"summary": "SUSE Bug 1215095 for CVE-2023-3777",
"url": "https://bugzilla.suse.com/1215095"
},
{
"category": "external",
"summary": "SUSE Bug 1215097 for CVE-2023-3777",
"url": "https://bugzilla.suse.com/1215097"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-13T17:04:25Z",
"details": "important"
}
],
"title": "CVE-2023-3777"
},
{
"cve": "CVE-2023-4622",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4622"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s af_unix component can be exploited to achieve local privilege escalation.\n\nThe unix_stream_sendpage() function tries to add data to the last skb in the peer\u0027s recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free.\n\nWe recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4622",
"url": "https://www.suse.com/security/cve/CVE-2023-4622"
},
{
"category": "external",
"summary": "SUSE Bug 1215117 for CVE-2023-4622",
"url": "https://bugzilla.suse.com/1215117"
},
{
"category": "external",
"summary": "SUSE Bug 1215442 for CVE-2023-4622",
"url": "https://bugzilla.suse.com/1215442"
},
{
"category": "external",
"summary": "SUSE Bug 1217531 for CVE-2023-4622",
"url": "https://bugzilla.suse.com/1217531"
},
{
"category": "external",
"summary": "SUSE Bug 1219699 for CVE-2023-4622",
"url": "https://bugzilla.suse.com/1219699"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-13T17:04:25Z",
"details": "important"
}
],
"title": "CVE-2023-4622"
},
{
"cve": "CVE-2023-5345",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5345"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s fs/smb/client component can be exploited to achieve local privilege escalation.\n\nIn case of an error in smb3_fs_context_parse_param, ctx-\u003epassword was freed but the field was not set to NULL which could lead to double free.\n\nWe recommend upgrading past commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5345",
"url": "https://www.suse.com/security/cve/CVE-2023-5345"
},
{
"category": "external",
"summary": "SUSE Bug 1215899 for CVE-2023-5345",
"url": "https://bugzilla.suse.com/1215899"
},
{
"category": "external",
"summary": "SUSE Bug 1215971 for CVE-2023-5345",
"url": "https://bugzilla.suse.com/1215971"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_74-default-5-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_53-default-6-150500.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-13T17:04:25Z",
"details": "important"
}
],
"title": "CVE-2023-5345"
}
]
}
SUSE-SU-2023:4822-1
Vulnerability from csaf_suse - Published: 2023-12-13 20:33 - Updated: 2023-12-13 20:33Summary
Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP4)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP4)
Description of the patch: This update for the Linux Kernel 5.14.21-150400_24_60 fixes several issues.
The following security issues were fixed:
- CVE-2023-3610: Fixed use-after-free vulnerability in nf_tables can be exploited to achieve local privilege escalation (bsc#1213584).
- CVE-2023-3777: Fixed a use-after-free vulnerability in netfilter: nf_tables component can be exploited to achieve local privilege escalation. (bsc#1215097)
- CVE-2023-5345: Fixed an use-after-free vulnerability in the fs/smb/client component which could be exploited to achieve local privilege escalation. (bsc#1215971)
- CVE-2023-4622: Fixed a use-after-free vulnerability in the Unix domain sockets component which could be exploited to achieve local privilege escalation (bsc#1215442).
- CVE-2023-2163: Fixed an incorrect verifier pruning in BPF that could lead to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. (bsc#1215519)
Patchnames: SUSE-2023-4822,SUSE-SLE-Module-Live-Patching-15-SP4-2023-4822
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.1 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
31 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP4)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.14.21-150400_24_60 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2023-3610: Fixed use-after-free vulnerability in nf_tables can be exploited to achieve local privilege escalation (bsc#1213584).\n- CVE-2023-3777: Fixed a use-after-free vulnerability in netfilter: nf_tables component can be exploited to achieve local privilege escalation. (bsc#1215097)\n- CVE-2023-5345: Fixed an use-after-free vulnerability in the fs/smb/client component which could be exploited to achieve local privilege escalation. (bsc#1215971)\n- CVE-2023-4622: Fixed a use-after-free vulnerability in the Unix domain sockets component which could be exploited to achieve local privilege escalation (bsc#1215442).\n- CVE-2023-2163: Fixed an incorrect verifier pruning in BPF that could lead to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. (bsc#1215519)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-4822,SUSE-SLE-Module-Live-Patching-15-SP4-2023-4822",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_4822-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:4822-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20234822-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:4822-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017351.html"
},
{
"category": "self",
"summary": "SUSE Bug 1213584",
"url": "https://bugzilla.suse.com/1213584"
},
{
"category": "self",
"summary": "SUSE Bug 1215097",
"url": "https://bugzilla.suse.com/1215097"
},
{
"category": "self",
"summary": "SUSE Bug 1215442",
"url": "https://bugzilla.suse.com/1215442"
},
{
"category": "self",
"summary": "SUSE Bug 1215519",
"url": "https://bugzilla.suse.com/1215519"
},
{
"category": "self",
"summary": "SUSE Bug 1215971",
"url": "https://bugzilla.suse.com/1215971"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2163 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2163/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3610 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3610/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3777 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3777/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4622 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4622/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5345 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5345/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP4)",
"tracking": {
"current_release_date": "2023-12-13T20:33:46Z",
"generator": {
"date": "2023-12-13T20:33:46Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:4822-1",
"initial_release_date": "2023-12-13T20:33:46Z",
"revision_history": [
{
"date": "2023-12-13T20:33:46Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.s390x",
"product_id": "kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.s390x"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.x86_64"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-2163",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2163"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect verifier pruning in BPF in Linux Kernel \u003e=5.4 leads to unsafe\ncode paths being incorrectly marked as safe, resulting in arbitrary read/write in\nkernel memory, lateral privilege escalation, and container escape.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2163",
"url": "https://www.suse.com/security/cve/CVE-2023-2163"
},
{
"category": "external",
"summary": "SUSE Bug 1215518 for CVE-2023-2163",
"url": "https://bugzilla.suse.com/1215518"
},
{
"category": "external",
"summary": "SUSE Bug 1215519 for CVE-2023-2163",
"url": "https://bugzilla.suse.com/1215519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-13T20:33:46Z",
"details": "important"
}
],
"title": "CVE-2023-2163"
},
{
"cve": "CVE-2023-3610",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3610"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nFlaw in the error handling of bound chains causes a use-after-free in the abort path of NFT_MSG_NEWRULE. The vulnerability requires CAP_NET_ADMIN to be triggered.\n\nWe recommend upgrading past commit 4bedf9eee016286c835e3d8fa981ddece5338795.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3610",
"url": "https://www.suse.com/security/cve/CVE-2023-3610"
},
{
"category": "external",
"summary": "SUSE Bug 1213580 for CVE-2023-3610",
"url": "https://bugzilla.suse.com/1213580"
},
{
"category": "external",
"summary": "SUSE Bug 1213584 for CVE-2023-3610",
"url": "https://bugzilla.suse.com/1213584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-13T20:33:46Z",
"details": "important"
}
],
"title": "CVE-2023-3610"
},
{
"cve": "CVE-2023-3777",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3777"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nWhen nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain\u0027s owner rule can also release the objects in certain circumstances.\n\nWe recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3777",
"url": "https://www.suse.com/security/cve/CVE-2023-3777"
},
{
"category": "external",
"summary": "SUSE Bug 1215095 for CVE-2023-3777",
"url": "https://bugzilla.suse.com/1215095"
},
{
"category": "external",
"summary": "SUSE Bug 1215097 for CVE-2023-3777",
"url": "https://bugzilla.suse.com/1215097"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-13T20:33:46Z",
"details": "important"
}
],
"title": "CVE-2023-3777"
},
{
"cve": "CVE-2023-4622",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4622"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s af_unix component can be exploited to achieve local privilege escalation.\n\nThe unix_stream_sendpage() function tries to add data to the last skb in the peer\u0027s recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free.\n\nWe recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4622",
"url": "https://www.suse.com/security/cve/CVE-2023-4622"
},
{
"category": "external",
"summary": "SUSE Bug 1215117 for CVE-2023-4622",
"url": "https://bugzilla.suse.com/1215117"
},
{
"category": "external",
"summary": "SUSE Bug 1215442 for CVE-2023-4622",
"url": "https://bugzilla.suse.com/1215442"
},
{
"category": "external",
"summary": "SUSE Bug 1217531 for CVE-2023-4622",
"url": "https://bugzilla.suse.com/1217531"
},
{
"category": "external",
"summary": "SUSE Bug 1219699 for CVE-2023-4622",
"url": "https://bugzilla.suse.com/1219699"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-13T20:33:46Z",
"details": "important"
}
],
"title": "CVE-2023-4622"
},
{
"cve": "CVE-2023-5345",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5345"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s fs/smb/client component can be exploited to achieve local privilege escalation.\n\nIn case of an error in smb3_fs_context_parse_param, ctx-\u003epassword was freed but the field was not set to NULL which could lead to double free.\n\nWe recommend upgrading past commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5345",
"url": "https://www.suse.com/security/cve/CVE-2023-5345"
},
{
"category": "external",
"summary": "SUSE Bug 1215899 for CVE-2023-5345",
"url": "https://bugzilla.suse.com/1215899"
},
{
"category": "external",
"summary": "SUSE Bug 1215971 for CVE-2023-5345",
"url": "https://bugzilla.suse.com/1215971"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_60-default-8-150400.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-13T20:33:46Z",
"details": "important"
}
],
"title": "CVE-2023-5345"
}
]
}
SUSE-SU-2023:4841-1
Vulnerability from csaf_suse - Published: 2023-12-14 10:35 - Updated: 2023-12-14 10:35Summary
Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP5)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP5)
Description of the patch: This update for the Linux Kernel 5.14.21-150500_55_12 fixes several issues.
The following security issues were fixed:
- CVE-2023-3610: Fixed use-after-free vulnerability in nf_tables can be exploited to achieve local privilege escalation (bsc#1213584).
- CVE-2023-3777: Fixed a use-after-free vulnerability in netfilter: nf_tables component can be exploited to achieve local privilege escalation. (bsc#1215097)
- CVE-2023-5345: Fixed an use-after-free vulnerability in the fs/smb/client component which could be exploited to achieve local privilege escalation. (bsc#1215971)
- CVE-2023-4622: Fixed a use-after-free vulnerability in the Unix domain sockets component which could be exploited to achieve local privilege escalation (bsc#1215442).
- CVE-2023-2163: Fixed an incorrect verifier pruning in BPF that could lead to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. (bsc#1215519)
Patchnames: SUSE-2023-4841,SUSE-SLE-Module-Live-Patching-15-SP5-2023-4841
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.1 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
31 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP5)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.14.21-150500_55_12 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2023-3610: Fixed use-after-free vulnerability in nf_tables can be exploited to achieve local privilege escalation (bsc#1213584).\n- CVE-2023-3777: Fixed a use-after-free vulnerability in netfilter: nf_tables component can be exploited to achieve local privilege escalation. (bsc#1215097)\n- CVE-2023-5345: Fixed an use-after-free vulnerability in the fs/smb/client component which could be exploited to achieve local privilege escalation. (bsc#1215971)\n- CVE-2023-4622: Fixed a use-after-free vulnerability in the Unix domain sockets component which could be exploited to achieve local privilege escalation (bsc#1215442).\n- CVE-2023-2163: Fixed an incorrect verifier pruning in BPF that could lead to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. (bsc#1215519)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-4841,SUSE-SLE-Module-Live-Patching-15-SP5-2023-4841",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_4841-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:4841-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20234841-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:4841-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017353.html"
},
{
"category": "self",
"summary": "SUSE Bug 1213584",
"url": "https://bugzilla.suse.com/1213584"
},
{
"category": "self",
"summary": "SUSE Bug 1215097",
"url": "https://bugzilla.suse.com/1215097"
},
{
"category": "self",
"summary": "SUSE Bug 1215442",
"url": "https://bugzilla.suse.com/1215442"
},
{
"category": "self",
"summary": "SUSE Bug 1215519",
"url": "https://bugzilla.suse.com/1215519"
},
{
"category": "self",
"summary": "SUSE Bug 1215971",
"url": "https://bugzilla.suse.com/1215971"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2163 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2163/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3610 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3610/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3777 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3777/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4622 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4622/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5345 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5345/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP5)",
"tracking": {
"current_release_date": "2023-12-14T10:35:02Z",
"generator": {
"date": "2023-12-14T10:35:02Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:4841-1",
"initial_release_date": "2023-12-14T10:35:02Z",
"revision_history": [
{
"date": "2023-12-14T10:35:02Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.s390x",
"product_id": "kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.s390x"
},
"product_reference": "kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.x86_64"
},
"product_reference": "kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-2163",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2163"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect verifier pruning in BPF in Linux Kernel \u003e=5.4 leads to unsafe\ncode paths being incorrectly marked as safe, resulting in arbitrary read/write in\nkernel memory, lateral privilege escalation, and container escape.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2163",
"url": "https://www.suse.com/security/cve/CVE-2023-2163"
},
{
"category": "external",
"summary": "SUSE Bug 1215518 for CVE-2023-2163",
"url": "https://bugzilla.suse.com/1215518"
},
{
"category": "external",
"summary": "SUSE Bug 1215519 for CVE-2023-2163",
"url": "https://bugzilla.suse.com/1215519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-14T10:35:02Z",
"details": "important"
}
],
"title": "CVE-2023-2163"
},
{
"cve": "CVE-2023-3610",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3610"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nFlaw in the error handling of bound chains causes a use-after-free in the abort path of NFT_MSG_NEWRULE. The vulnerability requires CAP_NET_ADMIN to be triggered.\n\nWe recommend upgrading past commit 4bedf9eee016286c835e3d8fa981ddece5338795.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3610",
"url": "https://www.suse.com/security/cve/CVE-2023-3610"
},
{
"category": "external",
"summary": "SUSE Bug 1213580 for CVE-2023-3610",
"url": "https://bugzilla.suse.com/1213580"
},
{
"category": "external",
"summary": "SUSE Bug 1213584 for CVE-2023-3610",
"url": "https://bugzilla.suse.com/1213584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-14T10:35:02Z",
"details": "important"
}
],
"title": "CVE-2023-3610"
},
{
"cve": "CVE-2023-3777",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3777"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nWhen nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain\u0027s owner rule can also release the objects in certain circumstances.\n\nWe recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3777",
"url": "https://www.suse.com/security/cve/CVE-2023-3777"
},
{
"category": "external",
"summary": "SUSE Bug 1215095 for CVE-2023-3777",
"url": "https://bugzilla.suse.com/1215095"
},
{
"category": "external",
"summary": "SUSE Bug 1215097 for CVE-2023-3777",
"url": "https://bugzilla.suse.com/1215097"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-14T10:35:02Z",
"details": "important"
}
],
"title": "CVE-2023-3777"
},
{
"cve": "CVE-2023-4622",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4622"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s af_unix component can be exploited to achieve local privilege escalation.\n\nThe unix_stream_sendpage() function tries to add data to the last skb in the peer\u0027s recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free.\n\nWe recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4622",
"url": "https://www.suse.com/security/cve/CVE-2023-4622"
},
{
"category": "external",
"summary": "SUSE Bug 1215117 for CVE-2023-4622",
"url": "https://bugzilla.suse.com/1215117"
},
{
"category": "external",
"summary": "SUSE Bug 1215442 for CVE-2023-4622",
"url": "https://bugzilla.suse.com/1215442"
},
{
"category": "external",
"summary": "SUSE Bug 1217531 for CVE-2023-4622",
"url": "https://bugzilla.suse.com/1217531"
},
{
"category": "external",
"summary": "SUSE Bug 1219699 for CVE-2023-4622",
"url": "https://bugzilla.suse.com/1219699"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-14T10:35:02Z",
"details": "important"
}
],
"title": "CVE-2023-4622"
},
{
"cve": "CVE-2023-5345",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5345"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s fs/smb/client component can be exploited to achieve local privilege escalation.\n\nIn case of an error in smb3_fs_context_parse_param, ctx-\u003epassword was freed but the field was not set to NULL which could lead to double free.\n\nWe recommend upgrading past commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5345",
"url": "https://www.suse.com/security/cve/CVE-2023-5345"
},
{
"category": "external",
"summary": "SUSE Bug 1215899 for CVE-2023-5345",
"url": "https://bugzilla.suse.com/1215899"
},
{
"category": "external",
"summary": "SUSE Bug 1215971 for CVE-2023-5345",
"url": "https://bugzilla.suse.com/1215971"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_12-default-5-150500.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-14T10:35:02Z",
"details": "important"
}
],
"title": "CVE-2023-5345"
}
]
}
SUSE-SU-2023:4848-1
Vulnerability from csaf_suse - Published: 2023-12-14 13:06 - Updated: 2023-12-14 13:06Summary
Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP5)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP5)
Description of the patch: This update for the Linux Kernel 5.14.21-150500_55_19 fixes several issues.
The following security issues were fixed:
- CVE-2023-3610: Fixed use-after-free vulnerability in nf_tables can be exploited to achieve local privilege escalation (bsc#1213584).
- CVE-2023-3777: Fixed a use-after-free vulnerability in netfilter: nf_tables component can be exploited to achieve local privilege escalation. (bsc#1215097)
- CVE-2023-5345: Fixed an use-after-free vulnerability in the fs/smb/client component which could be exploited to achieve local privilege escalation. (bsc#1215971)
- CVE-2023-4622: Fixed a use-after-free vulnerability in the Unix domain sockets component which could be exploited to achieve local privilege escalation (bsc#1215442).
- CVE-2023-2163: Fixed an incorrect verifier pruning in BPF that could lead to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. (bsc#1215519)
Patchnames: SUSE-2023-4848,SUSE-2023-4851,SUSE-2023-4857,SUSE-2023-4858,SUSE-2023-4859,SUSE-SLE-Module-Live-Patching-15-SP4-2023-4848,SUSE-SLE-Module-Live-Patching-15-SP5-2023-4857
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-12-150400.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-12-150400.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-12-150400.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-12-150400.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-12-150400.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
31 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP5)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.14.21-150500_55_19 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2023-3610: Fixed use-after-free vulnerability in nf_tables can be exploited to achieve local privilege escalation (bsc#1213584).\n- CVE-2023-3777: Fixed a use-after-free vulnerability in netfilter: nf_tables component can be exploited to achieve local privilege escalation. (bsc#1215097)\n- CVE-2023-5345: Fixed an use-after-free vulnerability in the fs/smb/client component which could be exploited to achieve local privilege escalation. (bsc#1215971)\n- CVE-2023-4622: Fixed a use-after-free vulnerability in the Unix domain sockets component which could be exploited to achieve local privilege escalation (bsc#1215442).\n- CVE-2023-2163: Fixed an incorrect verifier pruning in BPF that could lead to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. (bsc#1215519)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-4848,SUSE-2023-4851,SUSE-2023-4857,SUSE-2023-4858,SUSE-2023-4859,SUSE-SLE-Module-Live-Patching-15-SP4-2023-4848,SUSE-SLE-Module-Live-Patching-15-SP5-2023-4857",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_4848-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:4848-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20234848-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:4848-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017418.html"
},
{
"category": "self",
"summary": "SUSE Bug 1213584",
"url": "https://bugzilla.suse.com/1213584"
},
{
"category": "self",
"summary": "SUSE Bug 1215097",
"url": "https://bugzilla.suse.com/1215097"
},
{
"category": "self",
"summary": "SUSE Bug 1215442",
"url": "https://bugzilla.suse.com/1215442"
},
{
"category": "self",
"summary": "SUSE Bug 1215519",
"url": "https://bugzilla.suse.com/1215519"
},
{
"category": "self",
"summary": "SUSE Bug 1215971",
"url": "https://bugzilla.suse.com/1215971"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2163 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2163/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3610 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3610/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3777 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3777/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4622 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4622/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5345 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5345/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP5)",
"tracking": {
"current_release_date": "2023-12-14T13:06:05Z",
"generator": {
"date": "2023-12-14T13:06:05Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:4848-1",
"initial_release_date": "2023-12-14T13:06:05Z",
"revision_history": [
{
"date": "2023-12-14T13:06:05Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_38-default-12-150400.2.2.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_38-default-12-150400.2.2.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150400_24_38-default-12-150400.2.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_46-default-10-150400.2.2.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_46-default-10-150400.2.2.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150400_24_46-default-10-150400.2.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_55-default-9-150400.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_55-default-9-150400.2.1.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150400_24_55-default-9-150400.2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_38-default-12-150400.2.2.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_38-default-12-150400.2.2.s390x",
"product_id": "kernel-livepatch-5_14_21-150400_24_38-default-12-150400.2.2.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.s390x",
"product_id": "kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_46-default-10-150400.2.2.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_46-default-10-150400.2.2.s390x",
"product_id": "kernel-livepatch-5_14_21-150400_24_46-default-10-150400.2.2.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_55-default-9-150400.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_55-default-9-150400.2.1.s390x",
"product_id": "kernel-livepatch-5_14_21-150400_24_55-default-9-150400.2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_15_5-rt-12-150400.2.2.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150400_15_5-rt-12-150400.2.2.x86_64",
"product_id": "kernel-livepatch-5_14_21-150400_15_5-rt-12-150400.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_38-default-12-150400.2.2.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_38-default-12-150400.2.2.x86_64",
"product_id": "kernel-livepatch-5_14_21-150400_24_38-default-12-150400.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_46-default-10-150400.2.2.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_46-default-10-150400.2.2.x86_64",
"product_id": "kernel-livepatch-5_14_21-150400_24_46-default-10-150400.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_55-default-9-150400.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_55-default-9-150400.2.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150400_24_55-default-9-150400.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_15_5-rt-12-150400.2.2.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-12-150400.2.2.x86_64"
},
"product_reference": "kernel-livepatch-5_14_21-150400_15_5-rt-12-150400.2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.s390x"
},
"product_reference": "kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.x86_64"
},
"product_reference": "kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-2163",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2163"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect verifier pruning in BPF in Linux Kernel \u003e=5.4 leads to unsafe\ncode paths being incorrectly marked as safe, resulting in arbitrary read/write in\nkernel memory, lateral privilege escalation, and container escape.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-12-150400.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2163",
"url": "https://www.suse.com/security/cve/CVE-2023-2163"
},
{
"category": "external",
"summary": "SUSE Bug 1215518 for CVE-2023-2163",
"url": "https://bugzilla.suse.com/1215518"
},
{
"category": "external",
"summary": "SUSE Bug 1215519 for CVE-2023-2163",
"url": "https://bugzilla.suse.com/1215519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-12-150400.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-12-150400.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-14T13:06:05Z",
"details": "important"
}
],
"title": "CVE-2023-2163"
},
{
"cve": "CVE-2023-3610",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3610"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nFlaw in the error handling of bound chains causes a use-after-free in the abort path of NFT_MSG_NEWRULE. The vulnerability requires CAP_NET_ADMIN to be triggered.\n\nWe recommend upgrading past commit 4bedf9eee016286c835e3d8fa981ddece5338795.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-12-150400.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3610",
"url": "https://www.suse.com/security/cve/CVE-2023-3610"
},
{
"category": "external",
"summary": "SUSE Bug 1213580 for CVE-2023-3610",
"url": "https://bugzilla.suse.com/1213580"
},
{
"category": "external",
"summary": "SUSE Bug 1213584 for CVE-2023-3610",
"url": "https://bugzilla.suse.com/1213584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-12-150400.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-12-150400.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-14T13:06:05Z",
"details": "important"
}
],
"title": "CVE-2023-3610"
},
{
"cve": "CVE-2023-3777",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3777"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nWhen nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain\u0027s owner rule can also release the objects in certain circumstances.\n\nWe recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-12-150400.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3777",
"url": "https://www.suse.com/security/cve/CVE-2023-3777"
},
{
"category": "external",
"summary": "SUSE Bug 1215095 for CVE-2023-3777",
"url": "https://bugzilla.suse.com/1215095"
},
{
"category": "external",
"summary": "SUSE Bug 1215097 for CVE-2023-3777",
"url": "https://bugzilla.suse.com/1215097"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-12-150400.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-12-150400.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-14T13:06:05Z",
"details": "important"
}
],
"title": "CVE-2023-3777"
},
{
"cve": "CVE-2023-4622",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4622"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s af_unix component can be exploited to achieve local privilege escalation.\n\nThe unix_stream_sendpage() function tries to add data to the last skb in the peer\u0027s recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free.\n\nWe recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-12-150400.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4622",
"url": "https://www.suse.com/security/cve/CVE-2023-4622"
},
{
"category": "external",
"summary": "SUSE Bug 1215117 for CVE-2023-4622",
"url": "https://bugzilla.suse.com/1215117"
},
{
"category": "external",
"summary": "SUSE Bug 1215442 for CVE-2023-4622",
"url": "https://bugzilla.suse.com/1215442"
},
{
"category": "external",
"summary": "SUSE Bug 1217531 for CVE-2023-4622",
"url": "https://bugzilla.suse.com/1217531"
},
{
"category": "external",
"summary": "SUSE Bug 1219699 for CVE-2023-4622",
"url": "https://bugzilla.suse.com/1219699"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-12-150400.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-12-150400.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-14T13:06:05Z",
"details": "important"
}
],
"title": "CVE-2023-4622"
},
{
"cve": "CVE-2023-5345",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5345"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s fs/smb/client component can be exploited to achieve local privilege escalation.\n\nIn case of an error in smb3_fs_context_parse_param, ctx-\u003epassword was freed but the field was not set to NULL which could lead to double free.\n\nWe recommend upgrading past commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-12-150400.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5345",
"url": "https://www.suse.com/security/cve/CVE-2023-5345"
},
{
"category": "external",
"summary": "SUSE Bug 1215899 for CVE-2023-5345",
"url": "https://bugzilla.suse.com/1215899"
},
{
"category": "external",
"summary": "SUSE Bug 1215971 for CVE-2023-5345",
"url": "https://bugzilla.suse.com/1215971"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-12-150400.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_5-rt-12-150400.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_19-default-4-150500.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-14T13:06:05Z",
"details": "important"
}
],
"title": "CVE-2023-5345"
}
]
}
SUSE-SU-2023:4863-1
Vulnerability from csaf_suse - Published: 2023-12-14 14:04 - Updated: 2023-12-14 14:04Summary
Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP5)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP5)
Description of the patch: This update for the Linux Kernel 5.14.21-150500_55_28 fixes several issues.
The following security issues were fixed:
- CVE-2023-3777: Fixed a use-after-free vulnerability in netfilter: nf_tables component can be exploited to achieve local privilege escalation. (bsc#1215097)
- CVE-2023-5345: Fixed an use-after-free vulnerability in the fs/smb/client component which could be exploited to achieve local privilege escalation. (bsc#1215971)
- CVE-2023-4622: Fixed a use-after-free vulnerability in the Unix domain sockets component which could be exploited to achieve local privilege escalation (bsc#1215442).
- CVE-2023-2163: Fixed an incorrect verifier pruning in BPF that could lead to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. (bsc#1215519)
Patchnames: SUSE-2023-4863,SUSE-SLE-Module-Live-Patching-15-SP5-2023-4863
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.1 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
26 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP5)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.14.21-150500_55_28 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2023-3777: Fixed a use-after-free vulnerability in netfilter: nf_tables component can be exploited to achieve local privilege escalation. (bsc#1215097)\n- CVE-2023-5345: Fixed an use-after-free vulnerability in the fs/smb/client component which could be exploited to achieve local privilege escalation. (bsc#1215971)\n- CVE-2023-4622: Fixed a use-after-free vulnerability in the Unix domain sockets component which could be exploited to achieve local privilege escalation (bsc#1215442).\n- CVE-2023-2163: Fixed an incorrect verifier pruning in BPF that could lead to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. (bsc#1215519)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-4863,SUSE-SLE-Module-Live-Patching-15-SP5-2023-4863",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_4863-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:4863-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20234863-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:4863-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017414.html"
},
{
"category": "self",
"summary": "SUSE Bug 1215097",
"url": "https://bugzilla.suse.com/1215097"
},
{
"category": "self",
"summary": "SUSE Bug 1215442",
"url": "https://bugzilla.suse.com/1215442"
},
{
"category": "self",
"summary": "SUSE Bug 1215519",
"url": "https://bugzilla.suse.com/1215519"
},
{
"category": "self",
"summary": "SUSE Bug 1215971",
"url": "https://bugzilla.suse.com/1215971"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2163 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2163/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3777 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3777/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4622 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4622/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5345 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5345/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP5)",
"tracking": {
"current_release_date": "2023-12-14T14:04:05Z",
"generator": {
"date": "2023-12-14T14:04:05Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:4863-1",
"initial_release_date": "2023-12-14T14:04:05Z",
"revision_history": [
{
"date": "2023-12-14T14:04:05Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.s390x",
"product_id": "kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.s390x"
},
"product_reference": "kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.x86_64"
},
"product_reference": "kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-2163",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2163"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect verifier pruning in BPF in Linux Kernel \u003e=5.4 leads to unsafe\ncode paths being incorrectly marked as safe, resulting in arbitrary read/write in\nkernel memory, lateral privilege escalation, and container escape.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2163",
"url": "https://www.suse.com/security/cve/CVE-2023-2163"
},
{
"category": "external",
"summary": "SUSE Bug 1215518 for CVE-2023-2163",
"url": "https://bugzilla.suse.com/1215518"
},
{
"category": "external",
"summary": "SUSE Bug 1215519 for CVE-2023-2163",
"url": "https://bugzilla.suse.com/1215519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-14T14:04:05Z",
"details": "important"
}
],
"title": "CVE-2023-2163"
},
{
"cve": "CVE-2023-3777",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3777"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nWhen nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain\u0027s owner rule can also release the objects in certain circumstances.\n\nWe recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3777",
"url": "https://www.suse.com/security/cve/CVE-2023-3777"
},
{
"category": "external",
"summary": "SUSE Bug 1215095 for CVE-2023-3777",
"url": "https://bugzilla.suse.com/1215095"
},
{
"category": "external",
"summary": "SUSE Bug 1215097 for CVE-2023-3777",
"url": "https://bugzilla.suse.com/1215097"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-14T14:04:05Z",
"details": "important"
}
],
"title": "CVE-2023-3777"
},
{
"cve": "CVE-2023-4622",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4622"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s af_unix component can be exploited to achieve local privilege escalation.\n\nThe unix_stream_sendpage() function tries to add data to the last skb in the peer\u0027s recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free.\n\nWe recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4622",
"url": "https://www.suse.com/security/cve/CVE-2023-4622"
},
{
"category": "external",
"summary": "SUSE Bug 1215117 for CVE-2023-4622",
"url": "https://bugzilla.suse.com/1215117"
},
{
"category": "external",
"summary": "SUSE Bug 1215442 for CVE-2023-4622",
"url": "https://bugzilla.suse.com/1215442"
},
{
"category": "external",
"summary": "SUSE Bug 1217531 for CVE-2023-4622",
"url": "https://bugzilla.suse.com/1217531"
},
{
"category": "external",
"summary": "SUSE Bug 1219699 for CVE-2023-4622",
"url": "https://bugzilla.suse.com/1219699"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-14T14:04:05Z",
"details": "important"
}
],
"title": "CVE-2023-4622"
},
{
"cve": "CVE-2023-5345",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5345"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s fs/smb/client component can be exploited to achieve local privilege escalation.\n\nIn case of an error in smb3_fs_context_parse_param, ctx-\u003epassword was freed but the field was not set to NULL which could lead to double free.\n\nWe recommend upgrading past commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5345",
"url": "https://www.suse.com/security/cve/CVE-2023-5345"
},
{
"category": "external",
"summary": "SUSE Bug 1215899 for CVE-2023-5345",
"url": "https://bugzilla.suse.com/1215899"
},
{
"category": "external",
"summary": "SUSE Bug 1215971 for CVE-2023-5345",
"url": "https://bugzilla.suse.com/1215971"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_28-default-3-150500.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-14T14:04:05Z",
"details": "important"
}
],
"title": "CVE-2023-5345"
}
]
}
SUSE-SU-2023:4872-1
Vulnerability from csaf_suse - Published: 2023-12-14 18:33 - Updated: 2023-12-14 18:33Summary
Security update for the Linux Kernel (Live Patch 16 for SLE 15 SP4)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 16 for SLE 15 SP4)
Description of the patch: This update for the Linux Kernel 5.14.21-150400_24_81 fixes several issues.
The following security issues were fixed:
- CVE-2023-3610: Fixed use-after-free vulnerability in nf_tables can be exploited to achieve local privilege escalation (bsc#1213584).
- CVE-2023-3777: Fixed a use-after-free vulnerability in netfilter: nf_tables component can be exploited to achieve local privilege escalation. (bsc#1215097)
- CVE-2023-5345: Fixed an use-after-free vulnerability in the fs/smb/client component which could be exploited to achieve local privilege escalation. (bsc#1215971)
- CVE-2023-4622: Fixed a use-after-free vulnerability in the Unix domain sockets component which could be exploited to achieve local privilege escalation (bsc#1215442).
- CVE-2023-2163: Fixed an incorrect verifier pruning in BPF that could lead to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. (bsc#1215519)
Patchnames: SUSE-2023-4872,SUSE-SLE-Module-Live-Patching-15-SP4-2023-4872
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.1 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
31 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 16 for SLE 15 SP4)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.14.21-150400_24_81 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2023-3610: Fixed use-after-free vulnerability in nf_tables can be exploited to achieve local privilege escalation (bsc#1213584).\n- CVE-2023-3777: Fixed a use-after-free vulnerability in netfilter: nf_tables component can be exploited to achieve local privilege escalation. (bsc#1215097)\n- CVE-2023-5345: Fixed an use-after-free vulnerability in the fs/smb/client component which could be exploited to achieve local privilege escalation. (bsc#1215971)\n- CVE-2023-4622: Fixed a use-after-free vulnerability in the Unix domain sockets component which could be exploited to achieve local privilege escalation (bsc#1215442).\n- CVE-2023-2163: Fixed an incorrect verifier pruning in BPF that could lead to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. (bsc#1215519)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-4872,SUSE-SLE-Module-Live-Patching-15-SP4-2023-4872",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_4872-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:4872-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20234872-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:4872-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017423.html"
},
{
"category": "self",
"summary": "SUSE Bug 1213584",
"url": "https://bugzilla.suse.com/1213584"
},
{
"category": "self",
"summary": "SUSE Bug 1215097",
"url": "https://bugzilla.suse.com/1215097"
},
{
"category": "self",
"summary": "SUSE Bug 1215442",
"url": "https://bugzilla.suse.com/1215442"
},
{
"category": "self",
"summary": "SUSE Bug 1215519",
"url": "https://bugzilla.suse.com/1215519"
},
{
"category": "self",
"summary": "SUSE Bug 1215971",
"url": "https://bugzilla.suse.com/1215971"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2163 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2163/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3610 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3610/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3777 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3777/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4622 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4622/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5345 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5345/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 16 for SLE 15 SP4)",
"tracking": {
"current_release_date": "2023-12-14T18:33:33Z",
"generator": {
"date": "2023-12-14T18:33:33Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:4872-1",
"initial_release_date": "2023-12-14T18:33:33Z",
"revision_history": [
{
"date": "2023-12-14T18:33:33Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.s390x",
"product_id": "kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.s390x"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.x86_64"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-2163",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2163"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect verifier pruning in BPF in Linux Kernel \u003e=5.4 leads to unsafe\ncode paths being incorrectly marked as safe, resulting in arbitrary read/write in\nkernel memory, lateral privilege escalation, and container escape.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2163",
"url": "https://www.suse.com/security/cve/CVE-2023-2163"
},
{
"category": "external",
"summary": "SUSE Bug 1215518 for CVE-2023-2163",
"url": "https://bugzilla.suse.com/1215518"
},
{
"category": "external",
"summary": "SUSE Bug 1215519 for CVE-2023-2163",
"url": "https://bugzilla.suse.com/1215519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-14T18:33:33Z",
"details": "important"
}
],
"title": "CVE-2023-2163"
},
{
"cve": "CVE-2023-3610",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3610"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nFlaw in the error handling of bound chains causes a use-after-free in the abort path of NFT_MSG_NEWRULE. The vulnerability requires CAP_NET_ADMIN to be triggered.\n\nWe recommend upgrading past commit 4bedf9eee016286c835e3d8fa981ddece5338795.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3610",
"url": "https://www.suse.com/security/cve/CVE-2023-3610"
},
{
"category": "external",
"summary": "SUSE Bug 1213580 for CVE-2023-3610",
"url": "https://bugzilla.suse.com/1213580"
},
{
"category": "external",
"summary": "SUSE Bug 1213584 for CVE-2023-3610",
"url": "https://bugzilla.suse.com/1213584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-14T18:33:33Z",
"details": "important"
}
],
"title": "CVE-2023-3610"
},
{
"cve": "CVE-2023-3777",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3777"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nWhen nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain\u0027s owner rule can also release the objects in certain circumstances.\n\nWe recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3777",
"url": "https://www.suse.com/security/cve/CVE-2023-3777"
},
{
"category": "external",
"summary": "SUSE Bug 1215095 for CVE-2023-3777",
"url": "https://bugzilla.suse.com/1215095"
},
{
"category": "external",
"summary": "SUSE Bug 1215097 for CVE-2023-3777",
"url": "https://bugzilla.suse.com/1215097"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-14T18:33:33Z",
"details": "important"
}
],
"title": "CVE-2023-3777"
},
{
"cve": "CVE-2023-4622",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4622"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s af_unix component can be exploited to achieve local privilege escalation.\n\nThe unix_stream_sendpage() function tries to add data to the last skb in the peer\u0027s recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free.\n\nWe recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4622",
"url": "https://www.suse.com/security/cve/CVE-2023-4622"
},
{
"category": "external",
"summary": "SUSE Bug 1215117 for CVE-2023-4622",
"url": "https://bugzilla.suse.com/1215117"
},
{
"category": "external",
"summary": "SUSE Bug 1215442 for CVE-2023-4622",
"url": "https://bugzilla.suse.com/1215442"
},
{
"category": "external",
"summary": "SUSE Bug 1217531 for CVE-2023-4622",
"url": "https://bugzilla.suse.com/1217531"
},
{
"category": "external",
"summary": "SUSE Bug 1219699 for CVE-2023-4622",
"url": "https://bugzilla.suse.com/1219699"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-14T18:33:33Z",
"details": "important"
}
],
"title": "CVE-2023-4622"
},
{
"cve": "CVE-2023-5345",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5345"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s fs/smb/client component can be exploited to achieve local privilege escalation.\n\nIn case of an error in smb3_fs_context_parse_param, ctx-\u003epassword was freed but the field was not set to NULL which could lead to double free.\n\nWe recommend upgrading past commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5345",
"url": "https://www.suse.com/security/cve/CVE-2023-5345"
},
{
"category": "external",
"summary": "SUSE Bug 1215899 for CVE-2023-5345",
"url": "https://bugzilla.suse.com/1215899"
},
{
"category": "external",
"summary": "SUSE Bug 1215971 for CVE-2023-5345",
"url": "https://bugzilla.suse.com/1215971"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_81-default-4-150400.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-14T18:33:33Z",
"details": "important"
}
],
"title": "CVE-2023-5345"
}
]
}
WID-SEC-W-2023-2549
Vulnerability from csaf_certbund - Published: 2023-10-03 22:00 - Updated: 2024-05-15 22:00Summary
Linux Kernel: Schwachstelle ermöglicht Privilegieneskalation
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff: Ein lokaler Angreifer kann eine Schwachstelle im Linux Kernel ausnutzen, um seine Privilegien zu erhöhen.
Betroffene Betriebssysteme: - Linux
Es existiert eine Schwachstelle im Linux Kernel. Diese ist auf einen Use-after-Free-Fehler in "fs/smb/client" zurückzuführen. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um seine Privilegien zu erweitern.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 12.0
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:12.0
|
12 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
References
36 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann eine Schwachstelle im Linux Kernel ausnutzen, um seine Privilegien zu erh\u00f6hen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-2549 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2549.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-2549 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2549"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6607-1 vom 2024-01-26",
"url": "https://ubuntu.com/security/notices/USN-6607-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:7734 vom 2023-12-12",
"url": "https://access.redhat.com/errata/RHSA-2023:7734"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6572-1 vom 2024-01-09",
"url": "https://ubuntu.com/security/notices/USN-6572-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:7749 vom 2023-12-13",
"url": "https://access.redhat.com/errata/RHSA-2023:7749"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:4801-1 vom 2023-12-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017337.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:4766-1 vom 2023-12-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017325.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:4775-1 vom 2023-12-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017323.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:4805-1 vom 2023-12-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017338.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:4822-1 vom 2023-12-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017351.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:4841-1 vom 2023-12-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017353.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:4872-1 vom 2023-12-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017423.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-13047 vom 2023-12-14",
"url": "https://linux.oracle.com/errata/ELSA-2023-13047.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:4848-1 vom 2023-12-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017418.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:4863-1 vom 2023-12-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017414.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-7749 vom 2023-12-22",
"url": "https://linux.oracle.com/errata/ELSA-2023-7749.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice LSN-0100-1 vom 2024-02-07",
"url": "https://ubuntu.com/security/notices/LSN-0100-1"
},
{
"category": "external",
"summary": "NIST Database vom 2023-10-03",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5345"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-50BD7C9C12 vom 2023-10-07",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-50bd7c9c12"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-C3BB819677 vom 2023-10-07",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-c3bb819677"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-830D9EC624 vom 2023-10-07",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-830d9ec624"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:4035-1 vom 2023-10-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-October/016616.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:4072-1 vom 2023-10-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-October/016677.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:4071-1 vom 2023-10-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-October/016678.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:4093-1 vom 2023-10-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-October/016702.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6461-1 vom 2023-10-31",
"url": "https://ubuntu.com/security/notices/USN-6461-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:4072-2 vom 2023-11-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-November/016995.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6502-1 vom 2023-11-21",
"url": "https://ubuntu.com/security/notices/USN-6502-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6503-1 vom 2023-11-21",
"url": "https://ubuntu.com/security/notices/USN-6503-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6502-2 vom 2023-11-27",
"url": "https://ubuntu.com/security/notices/USN-6502-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6502-3 vom 2023-11-28",
"url": "https://ubuntu.com/security/notices/USN-6502-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6520-1 vom 2023-11-28",
"url": "https://ubuntu.com/security/notices/USN-6520-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6502-4 vom 2023-11-30",
"url": "https://ubuntu.com/security/notices/USN-6502-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6537-1 vom 2023-12-06",
"url": "https://ubuntu.com/security/notices/USN-6537-1"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7152469 vom 2024-05-15",
"url": "https://www.ibm.com/support/pages/node/7152469"
}
],
"source_lang": "en-US",
"title": "Linux Kernel: Schwachstelle erm\u00f6glicht Privilegieneskalation",
"tracking": {
"current_release_date": "2024-05-15T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:59:23.575+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-2549",
"initial_release_date": "2023-10-03T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-10-03T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-10-08T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2023-10-10T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-10-15T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-10-16T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-10-31T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2023-11-06T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-11-21T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2023-11-27T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2023-11-28T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2023-11-30T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2023-12-06T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2023-12-12T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-12-13T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-12-14T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-12-26T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-01-09T23:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-01-25T23:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-02-07T23:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-05-15T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "20"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "12",
"product": {
"name": "IBM Security Guardium 12.0",
"product_id": "T031092",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_guardium:12.0"
}
}
}
],
"category": "product_name",
"name": "Security Guardium"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Linux Kernel",
"product": {
"name": "Open Source Linux Kernel",
"product_id": "T029591",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-5345",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle im Linux Kernel. Diese ist auf einen Use-after-Free-Fehler in \"fs/smb/client\" zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T002207",
"67646",
"T029591",
"T000126",
"T031092",
"T004914",
"74185"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-5345"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…