SUSE-SU-2023:4733-1

Import Source

JSON Data

https://api.osv.dev/v1/vulns/SUSE-SU-2023:4733-1

Related

Published

2023-12-12T14:15:30Z

Modified

2023-12-12T14:15:30Z

Summary

Security update for the Linux Kernel

Details

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

CVE-2023-39197: Fixed a out-of-bounds read in nfconntrackdccp_packet() (bsc#1216976).
CVE-2023-6176: Fixed a denial of service in the cryptographic algorithm scatterwalk functionality (bsc#1217332).
CVE-2023-45863: Fixed a out-of-bounds write in fillkobjpath() (bsc#1216058).
CVE-2023-45871: Fixed an issue in the IGB driver, where the buffer size may not be adequate for frames larger than the MTU (bsc#1216259).
CVE-2023-39198: Fixed a race condition leading to use-after-free in qxlmodedumb_create() (bsc#1216965).
CVE-2023-31083: Fixed race condition in hciuarttty_ioctl (bsc#1210780).
CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability in the Performance Events component (bsc#1216584).

The following non-security bugs were fixed:

References

Affected packages

Name: kernel-rt
Purl: purl:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.3.18-150300.152.1

{
    "binaries": [
        {
            "kernel-rt": "5.3.18-150300.152.1"
        }
    ]
}

Name: kernel-rt
Purl: purl:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.3.18-150300.152.1

{
    "binaries": [
        {
            "kernel-rt": "5.3.18-150300.152.1"
        }
    ]
}