SUSE update for libcap
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2023-2602 CVE-2023-2603 |
| CWE-ID | CWE-401 CWE-98 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Basesystem Module Operating systems & Components / Operating system SUSE Linux Enterprise Micro for Rancher Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 Operating systems & Components / Operating system SUSE Linux Enterprise Real Time 15 Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing 15 Operating systems & Components / Operating system SUSE Linux Enterprise Desktop 15 Operating systems & Components / Operating system SUSE Linux Enterprise Micro Operating systems & Components / Operating system openSUSE Leap Operating systems & Components / Operating system openSUSE Leap Micro Operating systems & Components / Operating system SUSE Manager Retail Branch Server Operating systems & Components / Operating system SUSE Manager Server Operating systems & Components / Operating system SUSE Manager Proxy Operating systems & Components / Operating system libcap2-32bit-debuginfo Operating systems & Components / Operating system package or component libpsx2-32bit-debuginfo Operating systems & Components / Operating system package or component libpsx2-32bit Operating systems & Components / Operating system package or component libcap2-32bit Operating systems & Components / Operating system package or component libcap-devel Operating systems & Components / Operating system package or component libcap-progs Operating systems & Components / Operating system package or component libcap-progs-debuginfo Operating systems & Components / Operating system package or component libpsx2-debuginfo Operating systems & Components / Operating system package or component libpsx2 Operating systems & Components / Operating system package or component libcap2-debuginfo Operating systems & Components / Operating system package or component libcap2 Operating systems & Components / Operating system package or component libcap-debugsource Operating systems & Components / Operating system package or component |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Memory leak
EUVDB-ID: #VU76757
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-2602
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform DoS attack on the target system.
The vulnerability exists due memory leak in the error handling in the __wrap_pthread_create() function. A remote attacker can send a specially crafted request, exploit vulnerability to exhaust the process memory and cause a denial of service condition.
MitigationUpdate the affected package libcap to the latest version.
Vulnerable software versionsBasesystem Module: 15-SP4 - 15-SP5
SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Server for SAP Applications 15: SP4 - SP5
SUSE Linux Enterprise Server 15: SP4 - SP5
SUSE Linux Enterprise Real Time 15: SP4 - SP5
SUSE Linux Enterprise High Performance Computing 15: SP4 - SP5
SUSE Linux Enterprise Desktop 15: SP4 - SP5
SUSE Linux Enterprise Micro: 5.3 - 5.4
openSUSE Leap: 15.4 - 15.5
openSUSE Leap Micro: 5.3
SUSE Manager Retail Branch Server: 4.3
SUSE Manager Server: 4.3
SUSE Manager Proxy: 4.3
libcap2-32bit-debuginfo: before 2.63-150400.3.3.1
libpsx2-32bit-debuginfo: before 2.63-150400.3.3.1
libpsx2-32bit: before 2.63-150400.3.3.1
libcap2-32bit: before 2.63-150400.3.3.1
libcap-devel: before 2.63-150400.3.3.1
libcap-progs: before 2.63-150400.3.3.1
libcap-progs-debuginfo: before 2.63-150400.3.3.1
libpsx2-debuginfo: before 2.63-150400.3.3.1
libpsx2: before 2.63-150400.3.3.1
libcap2-debuginfo: before 2.63-150400.3.3.1
libcap2: before 2.63-150400.3.3.1
libcap-debugsource: before 2.63-150400.3.3.1
CPE2.3- cpe:2.3:o:suse:basesystem_module:15-SP4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:basesystem_module:15-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_desktop_15:SP4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:opensuse_leap:15.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:opensuse_leap_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.3:*:*:*:*:*:*:*
- cpe:2.3:a:suse:libcap2-32bit-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libpsx2-32bit-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libpsx2-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libcap2-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libcap-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libcap-progs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libcap-progs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libpsx2-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libpsx2:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libcap2-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libcap2:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libcap-debugsource:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2023/suse-su-20232765-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) PHP file inclusion
EUVDB-ID: #VU72703
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2023-2603
CWE-ID:
CWE-98 - Improper Control of Filename for Include/Require Statement in PHP Program
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to include and execute arbitrary PHP files on the server.
The vulnerability exists due to incorrect input validation when including PHP files in web/ajax/modal.php. A remote non-authenticated attacker can send a specially crafted HTTP request to the affected application, include and execute arbitrary PHP code on the system with privileges of the web server.
MitigationUpdate the affected package libcap to the latest version.
Vulnerable software versionsBasesystem Module: 15-SP4 - 15-SP5
SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Server for SAP Applications 15: SP4 - SP5
SUSE Linux Enterprise Server 15: SP4 - SP5
SUSE Linux Enterprise Real Time 15: SP4 - SP5
SUSE Linux Enterprise High Performance Computing 15: SP4 - SP5
SUSE Linux Enterprise Desktop 15: SP4 - SP5
SUSE Linux Enterprise Micro: 5.3 - 5.4
openSUSE Leap: 15.4 - 15.5
openSUSE Leap Micro: 5.3
SUSE Manager Retail Branch Server: 4.3
SUSE Manager Server: 4.3
SUSE Manager Proxy: 4.3
libcap2-32bit-debuginfo: before 2.63-150400.3.3.1
libpsx2-32bit-debuginfo: before 2.63-150400.3.3.1
libpsx2-32bit: before 2.63-150400.3.3.1
libcap2-32bit: before 2.63-150400.3.3.1
libcap-devel: before 2.63-150400.3.3.1
libcap-progs: before 2.63-150400.3.3.1
libcap-progs-debuginfo: before 2.63-150400.3.3.1
libpsx2-debuginfo: before 2.63-150400.3.3.1
libpsx2: before 2.63-150400.3.3.1
libcap2-debuginfo: before 2.63-150400.3.3.1
libcap2: before 2.63-150400.3.3.1
libcap-debugsource: before 2.63-150400.3.3.1
CPE2.3- cpe:2.3:o:suse:basesystem_module:15-SP4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:basesystem_module:15-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_desktop_15:SP4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:opensuse_leap:15.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:opensuse_leap_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.3:*:*:*:*:*:*:*
- cpe:2.3:a:suse:libcap2-32bit-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libpsx2-32bit-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libpsx2-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libcap2-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libcap-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libcap-progs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libcap-progs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libpsx2-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libpsx2:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libcap2-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libcap2:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libcap-debugsource:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2023/suse-su-20232765-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
