SUSE update for the Linux Kernel



Published: 2024-01-17
Risk Medium
Patch available YES
Number of vulnerabilities 8
CVE-ID CVE-2020-26555
CVE-2022-2586
CVE-2023-51779
CVE-2023-6121
CVE-2023-6606
CVE-2023-6610
CVE-2023-6931
CVE-2023-6932
CWE-ID CWE-284
CWE-416
CWE-125
CWE-787
Exploitation vector Network
Public exploit Public exploit code for vulnerability #2 is available.
Vulnerable software
Subscribe 		SUSE Linux Enterprise Real Time 12
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 12
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing 12
Operating systems & Components / Operating system

kernel-rt
Operating systems & Components / Operating system package or component

kernel-rt_debug
Operating systems & Components / Operating system package or component

kernel-devel-rt
Operating systems & Components / Operating system package or component

kernel-source-rt
Operating systems & Components / Operating system package or component

dlm-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-devel-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-syms-rt
Operating systems & Components / Operating system package or component

kernel-rt-base
Operating systems & Components / Operating system package or component

gfs2-kmp-rt
Operating systems & Components / Operating system package or component

gfs2-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

ocfs2-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-rt
Operating systems & Components / Operating system package or component

kernel-rt_debug-devel
Operating systems & Components / Operating system package or component

dlm-kmp-rt
Operating systems & Components / Operating system package or component

kernel-rt_debug-debuginfo
Operating systems & Components / Operating system package or component

ocfs2-kmp-rt
Operating systems & Components / Operating system package or component

kernel-rt_debug-debugsource
Operating systems & Components / Operating system package or component

kernel-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-debugsource
Operating systems & Components / Operating system package or component

kernel-rt-base-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt_debug-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-devel
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 8 vulnerabilities.

1) Improper access control

EUVDB-ID: #VU53578

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-26555

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions within the Bluetooth legacy BR/EDR PIN code pairing. An attacker with physical access can spoof the BD_ADDR of the peer device and complete pairing without knowledge of the PIN.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Real Time 12: SP5

SUSE Linux Enterprise Server 12: SP5

SUSE Linux Enterprise High Performance Computing 12: SP5

kernel-rt: before 4.12.14-10.157.1

kernel-rt_debug: before 4.12.14-10.157.1

kernel-devel-rt: before 4.12.14-10.157.1

kernel-source-rt: before 4.12.14-10.157.1

dlm-kmp-rt-debuginfo: before 4.12.14-10.157.1

kernel-rt-devel-debuginfo: before 4.12.14-10.157.1

cluster-md-kmp-rt-debuginfo: before 4.12.14-10.157.1

kernel-syms-rt: before 4.12.14-10.157.1

kernel-rt-base: before 4.12.14-10.157.1

gfs2-kmp-rt: before 4.12.14-10.157.1

gfs2-kmp-rt-debuginfo: before 4.12.14-10.157.1

ocfs2-kmp-rt-debuginfo: before 4.12.14-10.157.1

cluster-md-kmp-rt: before 4.12.14-10.157.1

kernel-rt_debug-devel: before 4.12.14-10.157.1

dlm-kmp-rt: before 4.12.14-10.157.1

kernel-rt_debug-debuginfo: before 4.12.14-10.157.1

ocfs2-kmp-rt: before 4.12.14-10.157.1

kernel-rt_debug-debugsource: before 4.12.14-10.157.1

kernel-rt-debuginfo: before 4.12.14-10.157.1

kernel-rt-debugsource: before 4.12.14-10.157.1

kernel-rt-base-debuginfo: before 4.12.14-10.157.1

kernel-rt_debug-devel-debuginfo: before 4.12.14-10.157.1

kernel-rt-devel: before 4.12.14-10.157.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20240118-1/


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Use-after-free

EUVDB-ID: #VU66396

Risk: Low

CVSSv3.1: 7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2022-2586

CWE-ID: CWE-416 - Use After Free

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the the netfilter subsystem implementation in Linux kernel when preventing one nft object from referencing an nft set in another nft table. A local user can trigger a use-after-free error and execute arbitrary code on the system with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Real Time 12: SP5

SUSE Linux Enterprise Server 12: SP5

SUSE Linux Enterprise High Performance Computing 12: SP5

kernel-rt: before 4.12.14-10.157.1

kernel-rt_debug: before 4.12.14-10.157.1

kernel-devel-rt: before 4.12.14-10.157.1

kernel-source-rt: before 4.12.14-10.157.1

dlm-kmp-rt-debuginfo: before 4.12.14-10.157.1

kernel-rt-devel-debuginfo: before 4.12.14-10.157.1

cluster-md-kmp-rt-debuginfo: before 4.12.14-10.157.1

kernel-syms-rt: before 4.12.14-10.157.1

kernel-rt-base: before 4.12.14-10.157.1

gfs2-kmp-rt: before 4.12.14-10.157.1

gfs2-kmp-rt-debuginfo: before 4.12.14-10.157.1

ocfs2-kmp-rt-debuginfo: before 4.12.14-10.157.1

cluster-md-kmp-rt: before 4.12.14-10.157.1

kernel-rt_debug-devel: before 4.12.14-10.157.1

dlm-kmp-rt: before 4.12.14-10.157.1

kernel-rt_debug-debuginfo: before 4.12.14-10.157.1

ocfs2-kmp-rt: before 4.12.14-10.157.1

kernel-rt_debug-debugsource: before 4.12.14-10.157.1

kernel-rt-debuginfo: before 4.12.14-10.157.1

kernel-rt-debugsource: before 4.12.14-10.157.1

kernel-rt-base-debuginfo: before 4.12.14-10.157.1

kernel-rt_debug-devel-debuginfo: before 4.12.14-10.157.1

kernel-rt-devel: before 4.12.14-10.157.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20240118-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

3) Use-after-free

EUVDB-ID: #VU85023

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-51779

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error when handling bt_sock_ioctl in the Bluetooth subsystem. A local user can trigger a use-after-free error and execute arbitrary code on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Real Time 12: SP5

SUSE Linux Enterprise Server 12: SP5

SUSE Linux Enterprise High Performance Computing 12: SP5

kernel-rt: before 4.12.14-10.157.1

kernel-rt_debug: before 4.12.14-10.157.1

kernel-devel-rt: before 4.12.14-10.157.1

kernel-source-rt: before 4.12.14-10.157.1

dlm-kmp-rt-debuginfo: before 4.12.14-10.157.1

kernel-rt-devel-debuginfo: before 4.12.14-10.157.1

cluster-md-kmp-rt-debuginfo: before 4.12.14-10.157.1

kernel-syms-rt: before 4.12.14-10.157.1

kernel-rt-base: before 4.12.14-10.157.1

gfs2-kmp-rt: before 4.12.14-10.157.1

gfs2-kmp-rt-debuginfo: before 4.12.14-10.157.1

ocfs2-kmp-rt-debuginfo: before 4.12.14-10.157.1

cluster-md-kmp-rt: before 4.12.14-10.157.1

kernel-rt_debug-devel: before 4.12.14-10.157.1

dlm-kmp-rt: before 4.12.14-10.157.1

kernel-rt_debug-debuginfo: before 4.12.14-10.157.1

ocfs2-kmp-rt: before 4.12.14-10.157.1

kernel-rt_debug-debugsource: before 4.12.14-10.157.1

kernel-rt-debuginfo: before 4.12.14-10.157.1

kernel-rt-debugsource: before 4.12.14-10.157.1

kernel-rt-base-debuginfo: before 4.12.14-10.157.1

kernel-rt_debug-devel-debuginfo: before 4.12.14-10.157.1

kernel-rt-devel: before 4.12.14-10.157.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20240118-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Out-of-bounds read

EUVDB-ID: #VU84788

Risk: Medium

CVSSv3.1: 5.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6121

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in the NVMe-oF/TCP subsystem in the Linux kernel. A remote attacker can send specially crafted data to the system, trigger an out-of-bounds read error and read contents of memory.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Real Time 12: SP5

SUSE Linux Enterprise Server 12: SP5

SUSE Linux Enterprise High Performance Computing 12: SP5

kernel-rt: before 4.12.14-10.157.1

kernel-rt_debug: before 4.12.14-10.157.1

kernel-devel-rt: before 4.12.14-10.157.1

kernel-source-rt: before 4.12.14-10.157.1

dlm-kmp-rt-debuginfo: before 4.12.14-10.157.1

kernel-rt-devel-debuginfo: before 4.12.14-10.157.1

cluster-md-kmp-rt-debuginfo: before 4.12.14-10.157.1

kernel-syms-rt: before 4.12.14-10.157.1

kernel-rt-base: before 4.12.14-10.157.1

gfs2-kmp-rt: before 4.12.14-10.157.1

gfs2-kmp-rt-debuginfo: before 4.12.14-10.157.1

ocfs2-kmp-rt-debuginfo: before 4.12.14-10.157.1

cluster-md-kmp-rt: before 4.12.14-10.157.1

kernel-rt_debug-devel: before 4.12.14-10.157.1

dlm-kmp-rt: before 4.12.14-10.157.1

kernel-rt_debug-debuginfo: before 4.12.14-10.157.1

ocfs2-kmp-rt: before 4.12.14-10.157.1

kernel-rt_debug-debugsource: before 4.12.14-10.157.1

kernel-rt-debuginfo: before 4.12.14-10.157.1

kernel-rt-debugsource: before 4.12.14-10.157.1

kernel-rt-base-debuginfo: before 4.12.14-10.157.1

kernel-rt_debug-devel-debuginfo: before 4.12.14-10.157.1

kernel-rt-devel: before 4.12.14-10.157.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20240118-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Out-of-bounds read

EUVDB-ID: #VU85442

Risk: Low

CVSSv3.1: 6.2 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6606

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a boundary condition within the smbCalcSize() function in fs/smb/client/netmisc.c file. A local user can trigger an out-of-bounds read error and gain access to sensitive information or crash the kernel.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Real Time 12: SP5

SUSE Linux Enterprise Server 12: SP5

SUSE Linux Enterprise High Performance Computing 12: SP5

kernel-rt: before 4.12.14-10.157.1

kernel-rt_debug: before 4.12.14-10.157.1

kernel-devel-rt: before 4.12.14-10.157.1

kernel-source-rt: before 4.12.14-10.157.1

dlm-kmp-rt-debuginfo: before 4.12.14-10.157.1

kernel-rt-devel-debuginfo: before 4.12.14-10.157.1

cluster-md-kmp-rt-debuginfo: before 4.12.14-10.157.1

kernel-syms-rt: before 4.12.14-10.157.1

kernel-rt-base: before 4.12.14-10.157.1

gfs2-kmp-rt: before 4.12.14-10.157.1

gfs2-kmp-rt-debuginfo: before 4.12.14-10.157.1

ocfs2-kmp-rt-debuginfo: before 4.12.14-10.157.1

cluster-md-kmp-rt: before 4.12.14-10.157.1

kernel-rt_debug-devel: before 4.12.14-10.157.1

dlm-kmp-rt: before 4.12.14-10.157.1

kernel-rt_debug-debuginfo: before 4.12.14-10.157.1

ocfs2-kmp-rt: before 4.12.14-10.157.1

kernel-rt_debug-debugsource: before 4.12.14-10.157.1

kernel-rt-debuginfo: before 4.12.14-10.157.1

kernel-rt-debugsource: before 4.12.14-10.157.1

kernel-rt-base-debuginfo: before 4.12.14-10.157.1

kernel-rt_debug-devel-debuginfo: before 4.12.14-10.157.1

kernel-rt-devel: before 4.12.14-10.157.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20240118-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Out-of-bounds read

EUVDB-ID: #VU85443

Risk: Low

CVSSv3.1: 6.2 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6610

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a boundary condition within the smb2_dump_detail() function in fs/smb/client/smb2ops.c. A local user can trigger an out-of-bounds read error and gain access to sensitive information or crash the kernel.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Real Time 12: SP5

SUSE Linux Enterprise Server 12: SP5

SUSE Linux Enterprise High Performance Computing 12: SP5

kernel-rt: before 4.12.14-10.157.1

kernel-rt_debug: before 4.12.14-10.157.1

kernel-devel-rt: before 4.12.14-10.157.1

kernel-source-rt: before 4.12.14-10.157.1

dlm-kmp-rt-debuginfo: before 4.12.14-10.157.1

kernel-rt-devel-debuginfo: before 4.12.14-10.157.1

cluster-md-kmp-rt-debuginfo: before 4.12.14-10.157.1

kernel-syms-rt: before 4.12.14-10.157.1

kernel-rt-base: before 4.12.14-10.157.1

gfs2-kmp-rt: before 4.12.14-10.157.1

gfs2-kmp-rt-debuginfo: before 4.12.14-10.157.1

ocfs2-kmp-rt-debuginfo: before 4.12.14-10.157.1

cluster-md-kmp-rt: before 4.12.14-10.157.1

kernel-rt_debug-devel: before 4.12.14-10.157.1

dlm-kmp-rt: before 4.12.14-10.157.1

kernel-rt_debug-debuginfo: before 4.12.14-10.157.1

ocfs2-kmp-rt: before 4.12.14-10.157.1

kernel-rt_debug-debugsource: before 4.12.14-10.157.1

kernel-rt-debuginfo: before 4.12.14-10.157.1

kernel-rt-debugsource: before 4.12.14-10.157.1

kernel-rt-base-debuginfo: before 4.12.14-10.157.1

kernel-rt_debug-devel-debuginfo: before 4.12.14-10.157.1

kernel-rt-devel: before 4.12.14-10.157.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20240118-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Out-of-bounds write

EUVDB-ID: #VU85021

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6931

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in the Linux kernel's Performance Events system component. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Real Time 12: SP5

SUSE Linux Enterprise Server 12: SP5

SUSE Linux Enterprise High Performance Computing 12: SP5

kernel-rt: before 4.12.14-10.157.1

kernel-rt_debug: before 4.12.14-10.157.1

kernel-devel-rt: before 4.12.14-10.157.1

kernel-source-rt: before 4.12.14-10.157.1

dlm-kmp-rt-debuginfo: before 4.12.14-10.157.1

kernel-rt-devel-debuginfo: before 4.12.14-10.157.1

cluster-md-kmp-rt-debuginfo: before 4.12.14-10.157.1

kernel-syms-rt: before 4.12.14-10.157.1

kernel-rt-base: before 4.12.14-10.157.1

gfs2-kmp-rt: before 4.12.14-10.157.1

gfs2-kmp-rt-debuginfo: before 4.12.14-10.157.1

ocfs2-kmp-rt-debuginfo: before 4.12.14-10.157.1

cluster-md-kmp-rt: before 4.12.14-10.157.1

kernel-rt_debug-devel: before 4.12.14-10.157.1

dlm-kmp-rt: before 4.12.14-10.157.1

kernel-rt_debug-debuginfo: before 4.12.14-10.157.1

ocfs2-kmp-rt: before 4.12.14-10.157.1

kernel-rt_debug-debugsource: before 4.12.14-10.157.1

kernel-rt-debuginfo: before 4.12.14-10.157.1

kernel-rt-debugsource: before 4.12.14-10.157.1

kernel-rt-base-debuginfo: before 4.12.14-10.157.1

kernel-rt_debug-devel-debuginfo: before 4.12.14-10.157.1

kernel-rt-devel: before 4.12.14-10.157.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20240118-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Use-after-free

EUVDB-ID: #VU84585

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6932

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local authenticated user to execute arbitrary code.

The vulnerability exists due to a use-after-free error within the ipv4 igmp component in Linux kernel. A local authenticated user can trigger a use-after-free error and execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Real Time 12: SP5

SUSE Linux Enterprise Server 12: SP5

SUSE Linux Enterprise High Performance Computing 12: SP5

kernel-rt: before 4.12.14-10.157.1

kernel-rt_debug: before 4.12.14-10.157.1

kernel-devel-rt: before 4.12.14-10.157.1

kernel-source-rt: before 4.12.14-10.157.1

dlm-kmp-rt-debuginfo: before 4.12.14-10.157.1

kernel-rt-devel-debuginfo: before 4.12.14-10.157.1

cluster-md-kmp-rt-debuginfo: before 4.12.14-10.157.1

kernel-syms-rt: before 4.12.14-10.157.1

kernel-rt-base: before 4.12.14-10.157.1

gfs2-kmp-rt: before 4.12.14-10.157.1

gfs2-kmp-rt-debuginfo: before 4.12.14-10.157.1

ocfs2-kmp-rt-debuginfo: before 4.12.14-10.157.1

cluster-md-kmp-rt: before 4.12.14-10.157.1

kernel-rt_debug-devel: before 4.12.14-10.157.1

dlm-kmp-rt: before 4.12.14-10.157.1

kernel-rt_debug-debuginfo: before 4.12.14-10.157.1

ocfs2-kmp-rt: before 4.12.14-10.157.1

kernel-rt_debug-debugsource: before 4.12.14-10.157.1

kernel-rt-debuginfo: before 4.12.14-10.157.1

kernel-rt-debugsource: before 4.12.14-10.157.1

kernel-rt-base-debuginfo: before 4.12.14-10.157.1

kernel-rt_debug-devel-debuginfo: before 4.12.14-10.157.1

kernel-rt-devel: before 4.12.14-10.157.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20240118-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###