Main Vulnerability Database SB2023090231

SB2023090231 - openEuler 20.03 LTS SP3 update for kernel

Published: September 2, 2023 Updated: January 4, 2026

Security Bulletin ID SB2023090231

Severity

Medium

Patch available

YES

Number of vulnerabilities 7

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 7 secuirty vulnerabilities.

1) Resource exhaustion (CVE-ID: CVE-2023-1206)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a hash collision flaw in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when an attacker makes a new kind of SYN flood attack. A remote attacker can increase the CPU usage of the server that accepts IPV6 connections up to 95%.

2) Buffer overflow (CVE-ID: CVE-2023-34319)

The vulnerability allows a malicious guest to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in netback when processing certain packets. A malicious guest can send specially crafted packets to the backend, trigger memory corruption and crash the hypervisor.

3) Use-after-free (CVE-ID: CVE-2023-40283)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the l2cap_sock_release() function in net/bluetooth/l2cap_sock.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

4) Type Confusion (CVE-ID: CVE-2023-4194)

The vulnerability allows a local user to bypass implemented security restrictions.

The vulnerability exists due to a type confusion error in TUN/TAP functionality. A local user can bypass network filters and gain unauthorized access to some resources.

The vulnerability exists due to incomplete fix for #VU72742 (CVE-2023-1076).

5) NULL pointer dereference (CVE-ID: CVE-2023-4385)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the dbFree() function in fs/jfs/jfs_dmap.c in the journaling file system (JFS). A local user can perform a denial of service (DoS) attack.

6) NULL pointer dereference (CVE-ID: CVE-2023-4459)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the vmxnet3_rq_cleanup() function in drivers/net/vmxnet3/vmxnet3_drv.c. A local user can perform a denial of service (DoS) attack.

7) Type Confusion (CVE-ID: CVE-2023-1076)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a type confusion error during initialization of TUN/TAP sockets. A local user can trigger a type confusion error and execute arbitrary code with elevated privileges.

Remediation

Install update from vendor's website.

References

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1584

Vulnerable Software

openEuler: 20.03 LTS SP3
kernel-tools-devel: before 4.19.90-2308.5.0.0216
python3-perf-debuginfo: before 4.19.90-2308.5.0.0216
python2-perf-debuginfo: before 4.19.90-2308.5.0.0216
perf-debuginfo: before 4.19.90-2308.5.0.0216
kernel-source: before 4.19.90-2308.5.0.0216
kernel-debugsource: before 4.19.90-2308.5.0.0216
kernel-tools-debuginfo: before 4.19.90-2308.5.0.0216
kernel-tools: before 4.19.90-2308.5.0.0216
bpftool-debuginfo: before 4.19.90-2308.5.0.0216
kernel-debuginfo: before 4.19.90-2308.5.0.0216
python3-perf: before 4.19.90-2308.5.0.0216
bpftool: before 4.19.90-2308.5.0.0216
perf: before 4.19.90-2308.5.0.0216
python2-perf: before 4.19.90-2308.5.0.0216
kernel-devel: before 4.19.90-2308.5.0.0216
kernel: before 4.19.90-2308.5.0.0216

SB2023090231 - openEuler 20.03 LTS SP3 update for kernel

Breakdown by Severity

Description

Remediation

References

Please verify you're human