SUSE-SU-2023:4348-1

Advisory lineage Upstream: 11 Downstream: 0

Upstream

CVE-2023-2163 CVE-2023-31085 CVE-2023-3111 CVE-2023-34324 CVE-2023-3777 CVE-2023-39189

Published: 02 Nov 2023, 14:38

Last modified:04 Feb 2026, 03:57

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

02 Nov 2023, 14:38

Published

Vulnerability first disclosed

04 Feb 2026, 03:57

Last Modified

Vulnerability information updated

Description

Security update for the Linux Kernel The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-31085: Fixed a divide-by-zero error in do_div(sz,mtd->erasesize) that could cause a local DoS. (bsc#1210778) - CVE-2023-45862: Fixed an issue in the ENE UB6250 reader driver whwere an object could potentially extend beyond the end of an allocation causing. (bsc#1216051) - CVE-2023-2163: Fixed an incorrect verifier pruning in BPF that could lead to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. (bsc#1215518) - CVE-2023-3777: Fixed a use-after-free vulnerability in netfilter: nf_tables component can be exploited to achieve local privilege escalation. (bsc#1215095) - CVE-2023-34324: Fixed a possible deadlock in Linux kernel event handling. (bsc#1215745). - CVE-2023-39189: Fixed a flaw in the Netfilter subsystem that could allow a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure. (bsc#1216046) - CVE-2023-3111: Fixed a use-after-free vulnerability in prepare_to_relocate in fs/btrfs/relocation.c (bsc#1212051). - CVE-2023-39194: Fixed an out of bounds read in the XFRM subsystem (bsc#1215861). - CVE-2023-39193: Fixed an out of bounds read in the xtables subsystem (bsc#1215860). - CVE-2023-39192: Fixed an out of bounds read in the netfilter (bsc#1215858). - CVE-2023-42754: Fixed a NULL pointer dereference in the IPv4 stack that could lead to denial of service (bsc#1215467). The following non-security bugs were fixed: - bpf: propagate precision in ALU/ALU64 operations (git-fixes). - KVM: x86: fix sending PV IPI (git-fixes, bsc#1210853, bsc#1216134). - nvme-fc: Prevent null pointer dereference in nvme_fc_io_getuuid() (bsc#1214842).

Affected Systems

opensuse•dtb-aarch64&distro=openSUSE Leap 15.4
< 5.3.18-150300.59.141.1
suse•kernel-64kb&distro=SUSE Enterprise Storage 7.1
< 5.3.18-150300.59.141.2
suse•kernel-64kb&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS
< 5.3.18-150300.59.141.2
suse•kernel-64kb&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
< 5.3.18-150300.59.141.2
suse•kernel-64kb&distro=SUSE Linux Enterprise Server 15 SP3-LTSS
< 5.3.18-150300.59.141.2
suse•kernel-default-base&distro=SUSE Enterprise Storage 7.1
< 5.3.18-150300.59.141.2.150300.18.82.2
suse•kernel-default-base&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS
< 5.3.18-150300.59.141.2.150300.18.82.2
suse•kernel-default-base&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
< 5.3.18-150300.59.141.2.150300.18.82.2
suse•kernel-default-base&distro=SUSE Linux Enterprise Micro 5.1
< 5.3.18-150300.59.141.2.150300.18.82.2
suse•kernel-default-base&distro=SUSE Linux Enterprise Micro 5.2
< 5.3.18-150300.59.141.2.150300.18.82.2
suse•kernel-default-base&distro=SUSE Linux Enterprise Server 15 SP3-LTSS
< 5.3.18-150300.59.141.2.150300.18.82.2
suse•kernel-default-base&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP3
< 5.3.18-150300.59.141.2.150300.18.82.2
suse•kernel-default-base&distro=SUSE Manager Proxy 4.2
< 5.3.18-150300.59.141.2.150300.18.82.2
suse•kernel-default-base&distro=SUSE Manager Server 4.2
< 5.3.18-150300.59.141.2.150300.18.82.2
suse•kernel-default&distro=SUSE Enterprise Storage 7.1
< 5.3.18-150300.59.141.2
suse•kernel-default&distro=SUSE Linux Enterprise High Availability Extension 15 SP3
< 5.3.18-150300.59.141.2
suse•kernel-default&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS
< 5.3.18-150300.59.141.2
suse•kernel-default&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
< 5.3.18-150300.59.141.2
suse•kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP3
< 5.3.18-150300.59.141.2
suse•kernel-default&distro=SUSE Linux Enterprise Micro 5.1
< 5.3.18-150300.59.141.2
suse•kernel-default&distro=SUSE Linux Enterprise Micro 5.2
< 5.3.18-150300.59.141.2
suse•kernel-default&distro=SUSE Linux Enterprise Server 15 SP3-LTSS
< 5.3.18-150300.59.141.2
suse•kernel-default&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP3
< 5.3.18-150300.59.141.2
suse•kernel-default&distro=SUSE Manager Proxy 4.2
< 5.3.18-150300.59.141.2
suse•kernel-default&distro=SUSE Manager Server 4.2
< 5.3.18-150300.59.141.2
suse•kernel-docs&distro=SUSE Enterprise Storage 7.1
< 5.3.18-150300.59.141.2
suse•kernel-docs&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS
< 5.3.18-150300.59.141.2
suse•kernel-docs&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
< 5.3.18-150300.59.141.2
suse•kernel-docs&distro=SUSE Linux Enterprise Server 15 SP3-LTSS
< 5.3.18-150300.59.141.2
suse•kernel-docs&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP3
< 5.3.18-150300.59.141.2
suse•kernel-livepatch-SLE15-SP3_Update_38&distro=SUSE Linux Enterprise Live Patching 15 SP3
< 1-150300.7.3.2
suse•kernel-obs-build&distro=SUSE Enterprise Storage 7.1
< 5.3.18-150300.59.141.2
suse•kernel-obs-build&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS
< 5.3.18-150300.59.141.2
suse•kernel-obs-build&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
< 5.3.18-150300.59.141.2
suse•kernel-obs-build&distro=SUSE Linux Enterprise Server 15 SP3-LTSS
< 5.3.18-150300.59.141.2
suse•kernel-obs-build&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP3
< 5.3.18-150300.59.141.2
suse•kernel-preempt&distro=SUSE Enterprise Storage 7.1
< 5.3.18-150300.59.141.2
suse•kernel-preempt&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS
< 5.3.18-150300.59.141.2
suse•kernel-preempt&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
< 5.3.18-150300.59.141.2
suse•kernel-preempt&distro=SUSE Linux Enterprise Server 15 SP3-LTSS
< 5.3.18-150300.59.141.2
suse•kernel-preempt&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP3
< 5.3.18-150300.59.141.2
suse•kernel-preempt&distro=SUSE Manager Proxy 4.2
< 5.3.18-150300.59.141.2
suse•kernel-preempt&distro=SUSE Manager Server 4.2
< 5.3.18-150300.59.141.2
suse•kernel-source&distro=SUSE Enterprise Storage 7.1
< 5.3.18-150300.59.141.1
suse•kernel-source&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS
< 5.3.18-150300.59.141.1
suse•kernel-source&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
< 5.3.18-150300.59.141.1
suse•kernel-source&distro=SUSE Linux Enterprise Server 15 SP3-LTSS
< 5.3.18-150300.59.141.1
suse•kernel-source&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP3
< 5.3.18-150300.59.141.1
suse•kernel-source&distro=SUSE Manager Proxy 4.2
< 5.3.18-150300.59.141.1
suse•kernel-source&distro=SUSE Manager Server 4.2
< 5.3.18-150300.59.141.1

Showing first 50 affected entries in server-rendered view.

SUSE-SU-2023:4348-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (26)