Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP3) SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2023:0564-1 Final 1 1 2023-02-28T10:05:06Z current 2023-02-28T10:05:06Z 2023-02-28T10:05:06Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP3) This update for the Linux Kernel 5.3.18-150300_59_109 fixes one issue. The following security issue was fixed: - CVE-2023-0179: Fixed incorrect arithmetics when fetching VLAN header bits (bsc#1207139). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2023-564,SUSE-SLE-Module-Live-Patching-15-SP3-2023-564 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2023/suse-su-20230564-1/ Link for SUSE-SU-2023:0564-1 https://lists.suse.com/pipermail/sle-security-updates/2023-February/013922.html E-Mail link for SUSE-SU-2023:0564-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1207139 SUSE Bug 1207139 https://www.suse.com/security/cve/CVE-2023-0179/ SUSE CVE CVE-2023-0179 page SUSE Linux Enterprise Live Patching 15 SP3 kernel-livepatch-5_3_18-150300_59_109-default-2-150300.2.1 kernel-livepatch-5_3_18-150300_59_109-preempt-2-150300.2.1 kernel-livepatch-5_3_18-150300_59_109-default-2-150300.2.1 as a component of SUSE Linux Enterprise Live Patching 15 SP3 A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution. CVE-2023-0179 SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_109-default-2-150300.2.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20230564-1/ https://www.suse.com/security/cve/CVE-2023-0179.html CVE-2023-0179 https://bugzilla.suse.com/1207034 SUSE Bug 1207034 https://bugzilla.suse.com/1207139 SUSE Bug 1207139 https://bugzilla.suse.com/1215208 SUSE Bug 1215208