SUSE update for the Linux Kernel
Security Bulletin
This security bulletin contains information about 14 vulnerabilities.
1) Information disclosure
EUVDB-ID: #VU9884
Risk: Low
CVSSv3.1: 6.2 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:H/RL:O/RC:C]
CVE-ID: CVE-2017-5753
CWE-ID:
CWE-200 - Information exposure
Exploit availability: Yes
DescriptionThe vulnerability allows a local attacker to obtain potentially sensitive information.
The vulnerability exists in Intel CPU hardware due to improper implementation of the speculative execution of instructions. A local attacker can perform a bounds check bypass, execute arbitrary code, conduct a side-channel attack and read sensitive memory information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Real Time Module: 15-SP4
SUSE Linux Enterprise Micro: 5.3 - 5.4
SUSE Linux Enterprise Live Patching: 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15: SP4
SUSE Linux Enterprise Server 15: SP4
SUSE Linux Enterprise Real Time 15: SP4
SUSE Linux Enterprise High Performance Computing 15: SP4
openSUSE Leap Micro: 5.3
openSUSE Leap: 15.4
kernel-livepatch-SLE15-SP4-RT_Update_6-debugsource: before 1-150400.1.3.3
kernel-livepatch-5_14_21-150400_15_23-rt-debuginfo: before 1-150400.1.3.3
kernel-livepatch-5_14_21-150400_15_23-rt: before 1-150400.1.3.3
kernel-rt_debug: before 5.14.21-150400.15.23.1
kernel-source-rt: before 5.14.21-150400.15.23.1
kernel-devel-rt: before 5.14.21-150400.15.23.1
kernel-rt_debug-devel: before 5.14.21-150400.15.23.1
kernel-rt-devel-debuginfo: before 5.14.21-150400.15.23.1
gfs2-kmp-rt: before 5.14.21-150400.15.23.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt_debug-debugsource: before 5.14.21-150400.15.23.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-syms-rt: before 5.14.21-150400.15.23.1
dlm-kmp-rt: before 5.14.21-150400.15.23.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
ocfs2-kmp-rt: before 5.14.21-150400.15.23.1
cluster-md-kmp-rt: before 5.14.21-150400.15.23.1
kernel-rt-devel: before 5.14.21-150400.15.23.1
dlm-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt_debug-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt-debugsource: before 5.14.21-150400.15.23.1
kernel-rt: before 5.14.21-150400.15.23.1
External linkshttp://www.suse.com/support/update/announcement/2023/suse-su-20231992-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
2) Double Free
EUVDB-ID: #VU74053
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-4744
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the tun_free_netdev() function in the Linux kernel’s TUN/TAP device driver. A local user can trigger a double free error and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Real Time Module: 15-SP4
SUSE Linux Enterprise Micro: 5.3 - 5.4
SUSE Linux Enterprise Live Patching: 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15: SP4
SUSE Linux Enterprise Server 15: SP4
SUSE Linux Enterprise Real Time 15: SP4
SUSE Linux Enterprise High Performance Computing 15: SP4
openSUSE Leap Micro: 5.3
openSUSE Leap: 15.4
kernel-livepatch-SLE15-SP4-RT_Update_6-debugsource: before 1-150400.1.3.3
kernel-livepatch-5_14_21-150400_15_23-rt-debuginfo: before 1-150400.1.3.3
kernel-livepatch-5_14_21-150400_15_23-rt: before 1-150400.1.3.3
kernel-rt_debug: before 5.14.21-150400.15.23.1
kernel-source-rt: before 5.14.21-150400.15.23.1
kernel-devel-rt: before 5.14.21-150400.15.23.1
kernel-rt_debug-devel: before 5.14.21-150400.15.23.1
kernel-rt-devel-debuginfo: before 5.14.21-150400.15.23.1
gfs2-kmp-rt: before 5.14.21-150400.15.23.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt_debug-debugsource: before 5.14.21-150400.15.23.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-syms-rt: before 5.14.21-150400.15.23.1
dlm-kmp-rt: before 5.14.21-150400.15.23.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
ocfs2-kmp-rt: before 5.14.21-150400.15.23.1
cluster-md-kmp-rt: before 5.14.21-150400.15.23.1
kernel-rt-devel: before 5.14.21-150400.15.23.1
dlm-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt_debug-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt-debugsource: before 5.14.21-150400.15.23.1
kernel-rt: before 5.14.21-150400.15.23.1
External linkshttp://www.suse.com/support/update/announcement/2023/suse-su-20231992-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) NULL pointer dereference
EUVDB-ID: #VU71352
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-0394
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the rawv6_push_pending_frames() function in net/ipv6/raw.c. A local user can run a specially crafted program on the system and perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Real Time Module: 15-SP4
SUSE Linux Enterprise Micro: 5.3 - 5.4
SUSE Linux Enterprise Live Patching: 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15: SP4
SUSE Linux Enterprise Server 15: SP4
SUSE Linux Enterprise Real Time 15: SP4
SUSE Linux Enterprise High Performance Computing 15: SP4
openSUSE Leap Micro: 5.3
openSUSE Leap: 15.4
kernel-livepatch-SLE15-SP4-RT_Update_6-debugsource: before 1-150400.1.3.3
kernel-livepatch-5_14_21-150400_15_23-rt-debuginfo: before 1-150400.1.3.3
kernel-livepatch-5_14_21-150400_15_23-rt: before 1-150400.1.3.3
kernel-rt_debug: before 5.14.21-150400.15.23.1
kernel-source-rt: before 5.14.21-150400.15.23.1
kernel-devel-rt: before 5.14.21-150400.15.23.1
kernel-rt_debug-devel: before 5.14.21-150400.15.23.1
kernel-rt-devel-debuginfo: before 5.14.21-150400.15.23.1
gfs2-kmp-rt: before 5.14.21-150400.15.23.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt_debug-debugsource: before 5.14.21-150400.15.23.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-syms-rt: before 5.14.21-150400.15.23.1
dlm-kmp-rt: before 5.14.21-150400.15.23.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
ocfs2-kmp-rt: before 5.14.21-150400.15.23.1
cluster-md-kmp-rt: before 5.14.21-150400.15.23.1
kernel-rt-devel: before 5.14.21-150400.15.23.1
dlm-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt_debug-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt-debugsource: before 5.14.21-150400.15.23.1
kernel-rt: before 5.14.21-150400.15.23.1
External linkshttp://www.suse.com/support/update/announcement/2023/suse-su-20231992-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Use-after-free
EUVDB-ID: #VU74122
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-1281
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in Linux kernel traffic control index filter (tcindex) when the tcf_exts_exec() function is called with the destroyed tcf_ext. A local user attacker can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Real Time Module: 15-SP4
SUSE Linux Enterprise Micro: 5.3 - 5.4
SUSE Linux Enterprise Live Patching: 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15: SP4
SUSE Linux Enterprise Server 15: SP4
SUSE Linux Enterprise Real Time 15: SP4
SUSE Linux Enterprise High Performance Computing 15: SP4
openSUSE Leap Micro: 5.3
openSUSE Leap: 15.4
kernel-livepatch-SLE15-SP4-RT_Update_6-debugsource: before 1-150400.1.3.3
kernel-livepatch-5_14_21-150400_15_23-rt-debuginfo: before 1-150400.1.3.3
kernel-livepatch-5_14_21-150400_15_23-rt: before 1-150400.1.3.3
kernel-rt_debug: before 5.14.21-150400.15.23.1
kernel-source-rt: before 5.14.21-150400.15.23.1
kernel-devel-rt: before 5.14.21-150400.15.23.1
kernel-rt_debug-devel: before 5.14.21-150400.15.23.1
kernel-rt-devel-debuginfo: before 5.14.21-150400.15.23.1
gfs2-kmp-rt: before 5.14.21-150400.15.23.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt_debug-debugsource: before 5.14.21-150400.15.23.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-syms-rt: before 5.14.21-150400.15.23.1
dlm-kmp-rt: before 5.14.21-150400.15.23.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
ocfs2-kmp-rt: before 5.14.21-150400.15.23.1
cluster-md-kmp-rt: before 5.14.21-150400.15.23.1
kernel-rt-devel: before 5.14.21-150400.15.23.1
dlm-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt_debug-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt-debugsource: before 5.14.21-150400.15.23.1
kernel-rt: before 5.14.21-150400.15.23.1
External linkshttp://www.suse.com/support/update/announcement/2023/suse-su-20231992-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Improper Initialization
EUVDB-ID: #VU74630
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-1513
CWE-ID:
CWE-665 - Improper Initialization
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to improper initialization when calling the KVM_GET_DEBUGREGS ioctl on 32-bit systems. A local user can run a specially crafted application to gain access to sensitive information.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Real Time Module: 15-SP4
SUSE Linux Enterprise Micro: 5.3 - 5.4
SUSE Linux Enterprise Live Patching: 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15: SP4
SUSE Linux Enterprise Server 15: SP4
SUSE Linux Enterprise Real Time 15: SP4
SUSE Linux Enterprise High Performance Computing 15: SP4
openSUSE Leap Micro: 5.3
openSUSE Leap: 15.4
kernel-livepatch-SLE15-SP4-RT_Update_6-debugsource: before 1-150400.1.3.3
kernel-livepatch-5_14_21-150400_15_23-rt-debuginfo: before 1-150400.1.3.3
kernel-livepatch-5_14_21-150400_15_23-rt: before 1-150400.1.3.3
kernel-rt_debug: before 5.14.21-150400.15.23.1
kernel-source-rt: before 5.14.21-150400.15.23.1
kernel-devel-rt: before 5.14.21-150400.15.23.1
kernel-rt_debug-devel: before 5.14.21-150400.15.23.1
kernel-rt-devel-debuginfo: before 5.14.21-150400.15.23.1
gfs2-kmp-rt: before 5.14.21-150400.15.23.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt_debug-debugsource: before 5.14.21-150400.15.23.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-syms-rt: before 5.14.21-150400.15.23.1
dlm-kmp-rt: before 5.14.21-150400.15.23.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
ocfs2-kmp-rt: before 5.14.21-150400.15.23.1
cluster-md-kmp-rt: before 5.14.21-150400.15.23.1
kernel-rt-devel: before 5.14.21-150400.15.23.1
dlm-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt_debug-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt-debugsource: before 5.14.21-150400.15.23.1
kernel-rt: before 5.14.21-150400.15.23.1
External linkshttp://www.suse.com/support/update/announcement/2023/suse-su-20231992-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Race condition
EUVDB-ID: #VU74629
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-1582
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within fs/proc/task_mmu.c. A local user can exploit the race and crash the kernel.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Real Time Module: 15-SP4
SUSE Linux Enterprise Micro: 5.3 - 5.4
SUSE Linux Enterprise Live Patching: 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15: SP4
SUSE Linux Enterprise Server 15: SP4
SUSE Linux Enterprise Real Time 15: SP4
SUSE Linux Enterprise High Performance Computing 15: SP4
openSUSE Leap Micro: 5.3
openSUSE Leap: 15.4
kernel-livepatch-SLE15-SP4-RT_Update_6-debugsource: before 1-150400.1.3.3
kernel-livepatch-5_14_21-150400_15_23-rt-debuginfo: before 1-150400.1.3.3
kernel-livepatch-5_14_21-150400_15_23-rt: before 1-150400.1.3.3
kernel-rt_debug: before 5.14.21-150400.15.23.1
kernel-source-rt: before 5.14.21-150400.15.23.1
kernel-devel-rt: before 5.14.21-150400.15.23.1
kernel-rt_debug-devel: before 5.14.21-150400.15.23.1
kernel-rt-devel-debuginfo: before 5.14.21-150400.15.23.1
gfs2-kmp-rt: before 5.14.21-150400.15.23.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt_debug-debugsource: before 5.14.21-150400.15.23.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-syms-rt: before 5.14.21-150400.15.23.1
dlm-kmp-rt: before 5.14.21-150400.15.23.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
ocfs2-kmp-rt: before 5.14.21-150400.15.23.1
cluster-md-kmp-rt: before 5.14.21-150400.15.23.1
kernel-rt-devel: before 5.14.21-150400.15.23.1
dlm-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt_debug-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt-debugsource: before 5.14.21-150400.15.23.1
kernel-rt: before 5.14.21-150400.15.23.1
External linkshttp://www.suse.com/support/update/announcement/2023/suse-su-20231992-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Use-after-free
EUVDB-ID: #VU75204
Risk: Low
CVSSv3.1: 4.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-1611
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the btrfs_search_slot() function in fs/btrfs/ctree.c. A local user can trigger a use-after-free error and crash the kernel.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Real Time Module: 15-SP4
SUSE Linux Enterprise Micro: 5.3 - 5.4
SUSE Linux Enterprise Live Patching: 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15: SP4
SUSE Linux Enterprise Server 15: SP4
SUSE Linux Enterprise Real Time 15: SP4
SUSE Linux Enterprise High Performance Computing 15: SP4
openSUSE Leap Micro: 5.3
openSUSE Leap: 15.4
kernel-livepatch-SLE15-SP4-RT_Update_6-debugsource: before 1-150400.1.3.3
kernel-livepatch-5_14_21-150400_15_23-rt-debuginfo: before 1-150400.1.3.3
kernel-livepatch-5_14_21-150400_15_23-rt: before 1-150400.1.3.3
kernel-rt_debug: before 5.14.21-150400.15.23.1
kernel-source-rt: before 5.14.21-150400.15.23.1
kernel-devel-rt: before 5.14.21-150400.15.23.1
kernel-rt_debug-devel: before 5.14.21-150400.15.23.1
kernel-rt-devel-debuginfo: before 5.14.21-150400.15.23.1
gfs2-kmp-rt: before 5.14.21-150400.15.23.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt_debug-debugsource: before 5.14.21-150400.15.23.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-syms-rt: before 5.14.21-150400.15.23.1
dlm-kmp-rt: before 5.14.21-150400.15.23.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
ocfs2-kmp-rt: before 5.14.21-150400.15.23.1
cluster-md-kmp-rt: before 5.14.21-150400.15.23.1
kernel-rt-devel: before 5.14.21-150400.15.23.1
dlm-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt_debug-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt-debugsource: before 5.14.21-150400.15.23.1
kernel-rt: before 5.14.21-150400.15.23.1
External linkshttp://www.suse.com/support/update/announcement/2023/suse-su-20231992-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Information exposure through microarchitectural state after transient execution
EUVDB-ID: #VU74771
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-1637
CWE-ID:
CWE-1342 - Information Exposure through Microarchitectural State after Transient Execution
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due speculative execution behavior in the Linux kernel X86 CPU Power management options functionality. A local user can gain access to sensitive information.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Real Time Module: 15-SP4
SUSE Linux Enterprise Micro: 5.3 - 5.4
SUSE Linux Enterprise Live Patching: 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15: SP4
SUSE Linux Enterprise Server 15: SP4
SUSE Linux Enterprise Real Time 15: SP4
SUSE Linux Enterprise High Performance Computing 15: SP4
openSUSE Leap Micro: 5.3
openSUSE Leap: 15.4
kernel-livepatch-SLE15-SP4-RT_Update_6-debugsource: before 1-150400.1.3.3
kernel-livepatch-5_14_21-150400_15_23-rt-debuginfo: before 1-150400.1.3.3
kernel-livepatch-5_14_21-150400_15_23-rt: before 1-150400.1.3.3
kernel-rt_debug: before 5.14.21-150400.15.23.1
kernel-source-rt: before 5.14.21-150400.15.23.1
kernel-devel-rt: before 5.14.21-150400.15.23.1
kernel-rt_debug-devel: before 5.14.21-150400.15.23.1
kernel-rt-devel-debuginfo: before 5.14.21-150400.15.23.1
gfs2-kmp-rt: before 5.14.21-150400.15.23.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt_debug-debugsource: before 5.14.21-150400.15.23.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-syms-rt: before 5.14.21-150400.15.23.1
dlm-kmp-rt: before 5.14.21-150400.15.23.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
ocfs2-kmp-rt: before 5.14.21-150400.15.23.1
cluster-md-kmp-rt: before 5.14.21-150400.15.23.1
kernel-rt-devel: before 5.14.21-150400.15.23.1
dlm-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt_debug-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt-debugsource: before 5.14.21-150400.15.23.1
kernel-rt: before 5.14.21-150400.15.23.1
External linkshttp://www.suse.com/support/update/announcement/2023/suse-su-20231992-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Use-after-free
EUVDB-ID: #VU74770
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-1652
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nfsd4_ssc_setup_dul() function in fs/nfsd/nfs4proc.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Mitigation
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Real Time Module: 15-SP4
SUSE Linux Enterprise Micro: 5.3 - 5.4
SUSE Linux Enterprise Live Patching: 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15: SP4
SUSE Linux Enterprise Server 15: SP4
SUSE Linux Enterprise Real Time 15: SP4
SUSE Linux Enterprise High Performance Computing 15: SP4
openSUSE Leap Micro: 5.3
openSUSE Leap: 15.4
kernel-livepatch-SLE15-SP4-RT_Update_6-debugsource: before 1-150400.1.3.3
kernel-livepatch-5_14_21-150400_15_23-rt-debuginfo: before 1-150400.1.3.3
kernel-livepatch-5_14_21-150400_15_23-rt: before 1-150400.1.3.3
kernel-rt_debug: before 5.14.21-150400.15.23.1
kernel-source-rt: before 5.14.21-150400.15.23.1
kernel-devel-rt: before 5.14.21-150400.15.23.1
kernel-rt_debug-devel: before 5.14.21-150400.15.23.1
kernel-rt-devel-debuginfo: before 5.14.21-150400.15.23.1
gfs2-kmp-rt: before 5.14.21-150400.15.23.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt_debug-debugsource: before 5.14.21-150400.15.23.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-syms-rt: before 5.14.21-150400.15.23.1
dlm-kmp-rt: before 5.14.21-150400.15.23.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
ocfs2-kmp-rt: before 5.14.21-150400.15.23.1
cluster-md-kmp-rt: before 5.14.21-150400.15.23.1
kernel-rt-devel: before 5.14.21-150400.15.23.1
dlm-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt_debug-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt-debugsource: before 5.14.21-150400.15.23.1
kernel-rt: before 5.14.21-150400.15.23.1
External linkshttp://www.suse.com/support/update/announcement/2023/suse-su-20231992-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Use-after-free
EUVDB-ID: #VU75205
Risk: Low
CVSSv3.1: 4.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-1838
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Real Time Module: 15-SP4
SUSE Linux Enterprise Micro: 5.3 - 5.4
SUSE Linux Enterprise Live Patching: 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15: SP4
SUSE Linux Enterprise Server 15: SP4
SUSE Linux Enterprise Real Time 15: SP4
SUSE Linux Enterprise High Performance Computing 15: SP4
openSUSE Leap Micro: 5.3
openSUSE Leap: 15.4
kernel-livepatch-SLE15-SP4-RT_Update_6-debugsource: before 1-150400.1.3.3
kernel-livepatch-5_14_21-150400_15_23-rt-debuginfo: before 1-150400.1.3.3
kernel-livepatch-5_14_21-150400_15_23-rt: before 1-150400.1.3.3
kernel-rt_debug: before 5.14.21-150400.15.23.1
kernel-source-rt: before 5.14.21-150400.15.23.1
kernel-devel-rt: before 5.14.21-150400.15.23.1
kernel-rt_debug-devel: before 5.14.21-150400.15.23.1
kernel-rt-devel-debuginfo: before 5.14.21-150400.15.23.1
gfs2-kmp-rt: before 5.14.21-150400.15.23.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt_debug-debugsource: before 5.14.21-150400.15.23.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-syms-rt: before 5.14.21-150400.15.23.1
dlm-kmp-rt: before 5.14.21-150400.15.23.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
ocfs2-kmp-rt: before 5.14.21-150400.15.23.1
cluster-md-kmp-rt: before 5.14.21-150400.15.23.1
kernel-rt-devel: before 5.14.21-150400.15.23.1
dlm-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt_debug-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt-debugsource: before 5.14.21-150400.15.23.1
kernel-rt: before 5.14.21-150400.15.23.1
External linkshttp://www.suse.com/support/update/announcement/2023/suse-su-20231992-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Return of pointer value outside of expected range
EUVDB-ID: #VU74129
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-23001
CWE-ID:
CWE-466 - Return of pointer value outside of expected range
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exist due to the regulator_get() function in drivers/scsi/ufs/ufs-mediatek.c misinterprets the return value. A local user can perform a denial of service (DoS) attack. MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Real Time Module: 15-SP4
SUSE Linux Enterprise Micro: 5.3 - 5.4
SUSE Linux Enterprise Live Patching: 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15: SP4
SUSE Linux Enterprise Server 15: SP4
SUSE Linux Enterprise Real Time 15: SP4
SUSE Linux Enterprise High Performance Computing 15: SP4
openSUSE Leap Micro: 5.3
openSUSE Leap: 15.4
kernel-livepatch-SLE15-SP4-RT_Update_6-debugsource: before 1-150400.1.3.3
kernel-livepatch-5_14_21-150400_15_23-rt-debuginfo: before 1-150400.1.3.3
kernel-livepatch-5_14_21-150400_15_23-rt: before 1-150400.1.3.3
kernel-rt_debug: before 5.14.21-150400.15.23.1
kernel-source-rt: before 5.14.21-150400.15.23.1
kernel-devel-rt: before 5.14.21-150400.15.23.1
kernel-rt_debug-devel: before 5.14.21-150400.15.23.1
kernel-rt-devel-debuginfo: before 5.14.21-150400.15.23.1
gfs2-kmp-rt: before 5.14.21-150400.15.23.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt_debug-debugsource: before 5.14.21-150400.15.23.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-syms-rt: before 5.14.21-150400.15.23.1
dlm-kmp-rt: before 5.14.21-150400.15.23.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
ocfs2-kmp-rt: before 5.14.21-150400.15.23.1
cluster-md-kmp-rt: before 5.14.21-150400.15.23.1
kernel-rt-devel: before 5.14.21-150400.15.23.1
dlm-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt_debug-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt-debugsource: before 5.14.21-150400.15.23.1
kernel-rt: before 5.14.21-150400.15.23.1
External linkshttp://www.suse.com/support/update/announcement/2023/suse-su-20231992-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) NULL pointer dereference
EUVDB-ID: #VU74772
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-28327
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the unix_diag_get_exact() function in net/unix/diag.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Real Time Module: 15-SP4
SUSE Linux Enterprise Micro: 5.3 - 5.4
SUSE Linux Enterprise Live Patching: 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15: SP4
SUSE Linux Enterprise Server 15: SP4
SUSE Linux Enterprise Real Time 15: SP4
SUSE Linux Enterprise High Performance Computing 15: SP4
openSUSE Leap Micro: 5.3
openSUSE Leap: 15.4
kernel-livepatch-SLE15-SP4-RT_Update_6-debugsource: before 1-150400.1.3.3
kernel-livepatch-5_14_21-150400_15_23-rt-debuginfo: before 1-150400.1.3.3
kernel-livepatch-5_14_21-150400_15_23-rt: before 1-150400.1.3.3
kernel-rt_debug: before 5.14.21-150400.15.23.1
kernel-source-rt: before 5.14.21-150400.15.23.1
kernel-devel-rt: before 5.14.21-150400.15.23.1
kernel-rt_debug-devel: before 5.14.21-150400.15.23.1
kernel-rt-devel-debuginfo: before 5.14.21-150400.15.23.1
gfs2-kmp-rt: before 5.14.21-150400.15.23.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt_debug-debugsource: before 5.14.21-150400.15.23.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-syms-rt: before 5.14.21-150400.15.23.1
dlm-kmp-rt: before 5.14.21-150400.15.23.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
ocfs2-kmp-rt: before 5.14.21-150400.15.23.1
cluster-md-kmp-rt: before 5.14.21-150400.15.23.1
kernel-rt-devel: before 5.14.21-150400.15.23.1
dlm-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt_debug-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt-debugsource: before 5.14.21-150400.15.23.1
kernel-rt: before 5.14.21-150400.15.23.1
External linkshttp://www.suse.com/support/update/announcement/2023/suse-su-20231992-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Double Free
EUVDB-ID: #VU74147
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-28464
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the hci_conn_cleanup() function in net/bluetooth/hci_conn.c in Linux kernel. A local user can trigger a double free error and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Real Time Module: 15-SP4
SUSE Linux Enterprise Micro: 5.3 - 5.4
SUSE Linux Enterprise Live Patching: 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15: SP4
SUSE Linux Enterprise Server 15: SP4
SUSE Linux Enterprise Real Time 15: SP4
SUSE Linux Enterprise High Performance Computing 15: SP4
openSUSE Leap Micro: 5.3
openSUSE Leap: 15.4
kernel-livepatch-SLE15-SP4-RT_Update_6-debugsource: before 1-150400.1.3.3
kernel-livepatch-5_14_21-150400_15_23-rt-debuginfo: before 1-150400.1.3.3
kernel-livepatch-5_14_21-150400_15_23-rt: before 1-150400.1.3.3
kernel-rt_debug: before 5.14.21-150400.15.23.1
kernel-source-rt: before 5.14.21-150400.15.23.1
kernel-devel-rt: before 5.14.21-150400.15.23.1
kernel-rt_debug-devel: before 5.14.21-150400.15.23.1
kernel-rt-devel-debuginfo: before 5.14.21-150400.15.23.1
gfs2-kmp-rt: before 5.14.21-150400.15.23.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt_debug-debugsource: before 5.14.21-150400.15.23.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-syms-rt: before 5.14.21-150400.15.23.1
dlm-kmp-rt: before 5.14.21-150400.15.23.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
ocfs2-kmp-rt: before 5.14.21-150400.15.23.1
cluster-md-kmp-rt: before 5.14.21-150400.15.23.1
kernel-rt-devel: before 5.14.21-150400.15.23.1
dlm-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt_debug-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt-debugsource: before 5.14.21-150400.15.23.1
kernel-rt: before 5.14.21-150400.15.23.1
External linkshttp://www.suse.com/support/update/announcement/2023/suse-su-20231992-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Race condition
EUVDB-ID: #VU74628
Risk: Low
CVSSv3.1: 6.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-28466
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition caused by a missing lock_sock call within the do_tls_getsockopt() function in net/tls/tls_main.c. A local user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Real Time Module: 15-SP4
SUSE Linux Enterprise Micro: 5.3 - 5.4
SUSE Linux Enterprise Live Patching: 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15: SP4
SUSE Linux Enterprise Server 15: SP4
SUSE Linux Enterprise Real Time 15: SP4
SUSE Linux Enterprise High Performance Computing 15: SP4
openSUSE Leap Micro: 5.3
openSUSE Leap: 15.4
kernel-livepatch-SLE15-SP4-RT_Update_6-debugsource: before 1-150400.1.3.3
kernel-livepatch-5_14_21-150400_15_23-rt-debuginfo: before 1-150400.1.3.3
kernel-livepatch-5_14_21-150400_15_23-rt: before 1-150400.1.3.3
kernel-rt_debug: before 5.14.21-150400.15.23.1
kernel-source-rt: before 5.14.21-150400.15.23.1
kernel-devel-rt: before 5.14.21-150400.15.23.1
kernel-rt_debug-devel: before 5.14.21-150400.15.23.1
kernel-rt-devel-debuginfo: before 5.14.21-150400.15.23.1
gfs2-kmp-rt: before 5.14.21-150400.15.23.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt_debug-debugsource: before 5.14.21-150400.15.23.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-syms-rt: before 5.14.21-150400.15.23.1
dlm-kmp-rt: before 5.14.21-150400.15.23.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
ocfs2-kmp-rt: before 5.14.21-150400.15.23.1
cluster-md-kmp-rt: before 5.14.21-150400.15.23.1
kernel-rt-devel: before 5.14.21-150400.15.23.1
dlm-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt_debug-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt-debuginfo: before 5.14.21-150400.15.23.1
kernel-rt-debugsource: before 5.14.21-150400.15.23.1
kernel-rt: before 5.14.21-150400.15.23.1
External linkshttp://www.suse.com/support/update/announcement/2023/suse-su-20231992-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
