Security update for the Linux Kernel (Live Patch 36 for SLE 15 SP2)
Details
This update for the Linux Kernel 5.3.18-15020024151 fixes several issues.
The following security issues were fixed:
CVE-2023-35788: Fixed an out-of-bounds write in the flower classifier code via TCAFLOWERKEYENCOPTSGENEVE packets in flsetgeneveopt in net/sched/cls_flower.c (bsc#1212509).
CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outboundphypacket_callback (bsc#1212347).
CVE-2023-2002: Fixed a flaw that allowed an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication (bsc#1210566).