SUSE-SU-2023:4733-1

Advisory lineage Upstream: 7 Downstream: 0
Published: 12 Dec 2023, 14:15
Last modified: 02 May 2025, 04:34

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

12 Dec 2023, 14:15
Published
Vulnerability first disclosed
02 May 2025, 04:34
Last Modified
Vulnerability information updated

Description

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security and bug fixes.

The following security bugs were fixed:

- CVE-2023-39197: Fixed an out-of-bounds read in nf_conntrack_dccp_packet() (bsc#1216976).
- CVE-2023-6176: Fixed a denial of service in the cryptographic algorithm scatterwalk functionality (bsc#1217332).
- CVE-2023-45863: Fixed an out-of-bounds write in fill_kobj_path() (bsc#1216058).
- CVE-2023-45871: Fixed an issue in the IGB driver, where the buffer size may not be adequate for frames larger than the MTU (bsc#1216259).
- CVE-2023-39198: Fixed a race condition leading to use-after-free in qxl_mode_dumb_create() (bsc#1216965).
- CVE-2023-31083: Fixed a race condition in hci_uart_tty_ioctl (bsc#1210780).
- CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability in the Performance Events component (bsc#1216584).

The following non-security bugs were fixed:

- ALSA: hda: Disable power-save on KONTRON SinglePC (bsc#1217140).
- Call flush_delayed_fput() from nfsd main-loop (bsc#1217408).
- net: mana: Configure hwc timeout from hardware (bsc#1214037).
- net: mana: Fix MANA VF unload when hardware is unresponsive (bsc#1214764).
- powerpc: Do not clobber f0/vs0 during fp|altivec register save (bsc#1217780).

Affected Systems

  • susekernel-rt&distro=SUSE Linux Enterprise Micro 5.1

    < 5.3.18-150300.152.1

  • susekernel-rt&distro=SUSE Linux Enterprise Micro 5.2

    < 5.3.18-150300.152.1
